ibkr
Warn
Audited by Snyk on Jun 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a local gateway broker for Interactive Brokers (IBKR) and provides CLI commands to place and cancel orders (e.g., place --symbol ... --side buy --qty ..., cancel --order-id ...), view/manage orders/positions, and connect to live accounts (with --profile live and --confirm-live). It requires the TWS/IB Gateway API with "Read-Only API" off for order placement. These are specific brokerage/trading APIs and directly enable sending market/limit orders and cancelling them (i.e., moving money/placing trades), not just generic browsing or HTTP calls.
Issues (1)
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata