coinbase-cdp-connector

Warn

Audited by Socket on Jun 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is coherent with its stated purpose and uses an official Coinbase package, so there is no strong malware signal. However, it is a high-impact finance connector that forwards API credentials to a CLI and can ultimately enable live crypto trading, so the overall security risk is medium due to autonomous real-world action potential and unpinned CLI execution.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 16, 2026, 08:02 AM
Package URL
pkg:socket/skills-sh/dzianisv%2Ffinancial-advisor-agents%2Fcoinbase-cdp-connector%2F@70663d0d64c5755671f764c3040e2ae3c3a3c3c0768b385e6ce5f438f7a541ae
Security Audit — socket — coinbase-cdp-connector