trader-portfolio-cg

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly installs and runs the external npm CLI package "neural-trader" at runtime (via npm install / npx neural-trader, e.g. fetched from https://registry.npmjs.org/neural-trader), which results in remote code being fetched and executed and is relied on for required portfolio data/operations.