leapcat-trading

SUSPICIOUS. The skill’s trading functionality matches its stated purpose, but the core `leapcat` CLI is unverifiable and receives account authentication plus authority to execute real stock trades. Because this is an unknown binary performing high-impact financial actions, the skill carries high security risk even without confirmed malicious behavior.