blave-quant

Warn

Audited by Socket on Jul 7, 2026

2 alerts found:

AnomalySecurity
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is internally coherent and uses mostly official endpoints, but its footprint is high-risk because it centralizes many exchange credentials and enables live trading and transfers with real financial consequences. The explicit CONFIRM workflow and anti-autonomy rule are meaningful safeguards, so this is not malware, but it remains a medium-high security risk skill.

Confidence: 86%Severity: 68%
SecurityMEDIUM
references/marketplace.md

The fragment is documentation describing an end-to-end client workflow for downloading and locally executing untrusted Python “strategy” source code from a marketplace (including multi-strategy bundle splitting). While the text itself does not contain explicit malicious payloads, it clearly enables a high-impact supply-chain execution pathway (marketplace/server/client -> local filesystem -> python3). The overall security risk is high unless strong authenticity/integrity checks (e.g., signatures/hashes), robust sandboxing/containment, and reliable static/dynamic scanning plus strict filename/path sanitization are enforced.

Confidence: 62%Severity: 80%
Audit Metadata
Analyzed At
Jul 7, 2026, 05:47 PM
Package URL
pkg:socket/skills-sh/blave-tw%2Fblave-quant-skill%2Fblave-quant%2F@36c6b671acec6de7c182ec9a6c8d5de7e6b562f0
Security Audit — socket — blave-quant