Back to skill

Security audit

Freqtrade Tools

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Freqtrade shortcut guide, with real trading-risk caveats but no hidden installer, credential access, exfiltration, or automatic execution.

Install this only if you understand Freqtrade and Docker Compose. Before using ftstart, ftstop, or ftrestart, confirm whether the bot is in dry-run or live-trading mode; for live trading, require explicit human approval. Treat --erase as destructive to local downloaded data and avoid the cmd.exe batch templates with untrusted inputs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The Windows bot-control helpers execute `docker-compose start/stop/restart` immediately, despite the skill metadata stating these operations require confirmation when connected to live trading. In a trading context, unintended start/stop/restart actions can disrupt active strategies, alter market exposure, or create operational loss, especially because these are convenience aliases that reduce friction for dangerous actions.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The skill exposes `--erase` as an easy optional flag and notes when to use it, but does not clearly warn that it deletes existing downloaded data. While this is not code execution or privilege escalation, it can cause destructive data loss and undermine backtesting reproducibility or operator workflows if used accidentally.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.