aicoin-freqtrade
Warn
Audited by Snyk on May 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). This skill directly calls the public AiCoin API (https://open.aicoin.com) via lib/aicoin-api.mjs and lib/aicoin_data.py (referenced throughout SKILL.md and used in strategy code like populate_indicators/_update_aicoin_data), ingesting external market/data responses at runtime which are used to drive strategy logic and trading decisions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The host-mode install steps in scripts/ft-deploy.mjs fetch and execute remote code at runtime (e.g., git clone https://github.com/freqtrade/freqtrade.git and curl -LsSf https://astral.sh/uv/install.sh | sh), which causes execution of third-party code as a required installation step.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly exposes trading control and execution primitives. It documents REST/script actions that place or trigger trades and switch from dry-run to live trading (e.g., ft.mjs actions: force_enter, force_exit; set_dry_run with {"dry_run":false}; deploy with "dry_run":false). Those are specific market-execution operations (open/close orders and enabling live trading) that directly move funds via exchange integrations. This meets the "Market Orders / send transaction" criterion for Direct Financial Execution.
Issues (3)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata