aicoin-freqtrade

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches live, public AiCoin data from https://open.aicoin.com via lib/aicoin-api.mjs and lib/aicoin_data.py (and uses it in scripts/ft-deploy.mjs and strategy files like WhaleFollowStrategy.py, FundingRateStrategy.py and LiquidationHunterStrategy.py), and those third-party responses are read and directly used in populate_indicators/_update_aicoin_data and entry/exit logic to drive trading decisions, so untrusted external content can materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill runs remote-install and repository commands at runtime—specifically it executes a fetched install script via "curl -LsSf https://astral.sh/uv/install.sh | sh" and clones+runs the Freqtrade repo from "https://github.com/freqtrade/freqtrade.git"—which downloads and executes remote code as part of deploy.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed for live cryptocurrency trading and bot deployment. It includes commands to deploy and run trading bots (ft-deploy.mjs deploy, ft.mjs start/stop/status, ft.mjs force_enter/force_exit), references an exchange trading integration (aicoin-trading) and requires exchange API keys (BINANCE_API_KEY / SECRET). The skill’s primary purpose is creating, backtesting, and deploying strategies that execute market orders in live/dry-run mode, so it provides direct financial execution capability.