smart-dca-bot
Warn
Audited by Snyk on Mar 21, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a crypto trading bot for Coinbase and is designed to place real trades: it states "All trades execute locally and directly against Coinbase APIs", provides live vs dry-run modes (live requires setting "dry_run": false and --allow-live), requires Coinbase API credentials and balance checks, describes executing to Coinbase ("Execute locally to Coinbase (or simulate in dry-run)"), and includes order management (cancel tracked pending Coinbase orders, emergency stop). These are specific, explicit mechanisms to send transactions/market orders to a crypto exchange, so it grants direct financial execution authority.
Issues (1)
W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata