agent-trading-predictor
Audited by Socket on Mar 18, 2026
1 alert found:
Security: This skill is functionally designed to perform autonomous high-frequency trading and to execute arbitrary code inside a sandboxed runtime. While no explicit obfuscated or obviously malicious code (payload downloader, hardcoded keys, or exfiltration endpoints) is present in the supplied text, the combination of opaque external primitives (mcp__*), arbitrary code injection into sandbox_execute, continuous autonomous trading loops, and lack of explicit safe credential handling represents a high operational security risk. The skill enables real-world financial actions without documented per-action human authorization and lacks clear dataflow transparency, making it dangerous to deploy without strict controls, vetted MCP implementations, least-privilege credentialing, endpoint whitelisting, and human-in-the-loop safeguards.