llm-trading-agent-security

Solid

Security patterns for autonomous trading agents with wallet or transaction authority. Covers prompt injection, spend limits, pre-send simulation, circuit breakers, MEV protection, and key handling.

AI & Automation 201,447 stars 30,903 forks Updated yesterday MIT


Quality Score: 96/100

Stars (20% weight): 100
Recency (20% weight): 100
Frontmatter (20% weight): 70
Documentation (15% weight): 100
Issue Health (10% weight): 50
License (10% weight): 100
Description (5% weight): 100

Skill Content

# LLM Trading Agent Security

Autonomous trading agents have a harsher threat model than normal LLM apps: an injection or a bad tool path can turn directly into asset loss.

## When to Use

- Building an AI agent that signs and sends transactions
- Auditing a trading bot or on-chain execution assistant
- Designing wallet key management for an agent
- Giving an LLM access to order placement, swaps, or treasury operations

## How It Works

Layer the defenses. No single check is enough. Treat prompt hygiene, spend policy, simulation, execution limits, and wallet isolation as independent controls.

## Examples

### Treat prompt injection as a financial attack

```python
import re

# Patterns that indicate instruction-like text arriving through data channels
# (token metadata, pair labels, webhook payloads, social feeds).
INJECTION_PATTERNS = [
    r'ignore (previous|all) instructions',
    r'new (task|directive|instruction)',
    r'system prompt',
    r'send .{0,50} to 0x[0-9a-fA-F]{40}',
    r'transfer .{0,50} to',
    r'approve .{0,50} for',
]


def sanitize_onchain_data(text: str) -> str:
    """Refuse, rather than strip, any input that matches an injection pattern."""
    for pattern in INJECTION_PATTERNS:
        if re.search(pattern, text, re.IGNORECASE):
            raise ValueError(f"Potential prompt injection: {text[:100]}")
    return text
```

Do not blindly inject token names, pair labels, webhooks, or social feeds into an execution-capable prompt.

### Hard spend limits

```python
from decimal import Decimal

MAX_SINGLE_TX_USD = Decimal("500")
MAX_DAILY_SPEND_USD = Decimal("2000")


class SpendLimitError(Exception):
    pass


class SpendLimitGuard:
    def check_and_record(self, usd_amount: ...
```
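The "How It Works" section says the controls must be independent layers. The following is an added example, not code from the everything-claude-code skill, showing one way to wire a spend-policy guard, a pre-send simulation step and a circuit breaker into a single gate that refuses a transaction if any layer objects. The class names (`SpendLimitGuard`, `CircuitBreaker`, `PreSendGate`), the `fake_simulate`/`fake_send` stand-ins for a node's dry-run and broadcast RPCs, and the placeholder addresses are all assumptions made for illustration; the two spend constants reuse the values from the skill text.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from decimal import Decimal
from typing import Dict, List, Tuple

# Policy constants: the two USD caps match the skill text; the failure cap is an assumption.
MAX_SINGLE_TX_USD = Decimal("500")
MAX_DAILY_SPEND_USD = Decimal("2000")
MAX_CONSECUTIVE_FAILURES = 3


class SpendLimitError(Exception):
    pass


class CircuitOpenError(Exception):
    pass


@dataclass
class TxIntent:
    to: str            # typed, already-parsed request from the model, never raw free text
    usd_value: Decimal # value the model claims the transaction moves


@dataclass
class SimulationResult:
    success: bool
    balance_delta_usd: Decimal  # negative = the wallet loses value in the dry run


@dataclass
class SpendLimitGuard:
    """Per-transaction cap plus a rolling 24h cap; spend is recorded only after a send."""
    history: List[Tuple[datetime, Decimal]] = field(default_factory=list)

    def spent_last_24h(self, now: datetime) -> Decimal:
        cutoff = now - timedelta(hours=24)
        self.history = [(t, a) for t, a in self.history if t > cutoff]  # prune old spend
        return sum((a for _, a in self.history), Decimal("0"))

    def check(self, usd_amount: Decimal, now: datetime) -> None:
        if usd_amount <= 0:
            raise SpendLimitError("amount must be positive")
        if usd_amount > MAX_SINGLE_TX_USD:
            raise SpendLimitError(f"{usd_amount} exceeds per-tx cap {MAX_SINGLE_TX_USD}")
        if self.spent_last_24h(now) + usd_amount > MAX_DAILY_SPEND_USD:
            raise SpendLimitError(f"{usd_amount} would exceed daily cap {MAX_DAILY_SPEND_USD}")

    def record(self, usd_amount: Decimal, now: datetime) -> None:
        self.history.append((now, usd_amount))


@dataclass
class CircuitBreaker:
    """Opens after N consecutive failed dry runs; only an out-of-band reset() closes it."""
    consecutive_failures: int = 0
    is_open: bool = False

    def check(self) -> None:
        if self.is_open:
            raise CircuitOpenError("circuit open: manual reset required")

    def record_failure(self) -> None:
        self.consecutive_failures += 1
        if self.consecutive_failures >= MAX_CONSECUTIVE_FAILURES:
            self.is_open = True

    def record_success(self) -> None:
        self.consecutive_failures = 0

    def reset(self) -> None:
        self.consecutive_failures, self.is_open = 0, False


class PreSendGate:
    """Runs each control in turn; the transaction is sent only if every one passes."""

    def __init__(self, guard, breaker, simulate, send):
        self.guard, self.breaker, self.simulate, self.send = guard, breaker, simulate, send

    def submit(self, intent: TxIntent, now: datetime) -> dict:
        self.breaker.check()                     # 1. is execution halted?
        self.guard.check(intent.usd_value, now)  # 2. spend policy, before any RPC call
        sim = self.simulate(intent)              # 3. dry run against current state
        if not sim.success:
            self.breaker.record_failure()
            return {"sent": False, "reason": "simulation reverted"}
        if -sim.balance_delta_usd > intent.usd_value:
            # The dry run loses more than the model declared: refuse and count it as a failure.
            self.breaker.record_failure()
            return {"sent": False, "reason": "simulated loss exceeds declared value"}
        self.breaker.record_success()
        self.guard.record(intent.usd_value, now)  # 4. commit spend only after a clean run
        return {"sent": True, "tx_hash": self.send(intent)}


# Constructed stand-ins for a node's simulation and broadcast RPCs (not real addresses).
REVERTING_TARGET = "0xREVERT_PLACEHOLDER"
DRAINING_TARGET = "0xDRAIN_PLACEHOLDER"


def fake_simulate(intent: TxIntent) -> SimulationResult:
    if intent.to == REVERTING_TARGET:
        return SimulationResult(False, Decimal("0"))
    if intent.to == DRAINING_TARGET:
        return SimulationResult(True, intent.usd_value * -10)  # dry run loses 10x the claim
    return SimulationResult(True, -intent.usd_value)


def fake_send(intent: TxIntent) -> str:
    return f"0xhash_{intent.to}_{intent.usd_value}"


def run_demo() -> Dict[str, object]:
    """Drive the gate through the cases a reviewer would want to see; returns outcomes by name."""
    gate = PreSendGate(SpendLimitGuard(), CircuitBreaker(), fake_simulate, fake_send)
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
    out: Dict[str, object] = {}

    def attempt(key, to, usd, when):
        try:
            out[key] = gate.submit(TxIntent(to, Decimal(usd)), when)
        except (SpendLimitError, CircuitOpenError) as e:
            out[key] = {"sent": False, "reason": type(e).__name__}

    attempt("ok", "0xGOOD_PLACEHOLDER", "300", t0)
    attempt("per_tx_cap", "0xGOOD_PLACEHOLDER", "600", t0)
    for i in range(3):  # 300 + 3 * 450 = 1650, still under the daily cap
        attempt(f"fill{i}", "0xGOOD_PLACEHOLDER", "450", t0 + timedelta(hours=i))
    attempt("daily_cap", "0xGOOD_PLACEHOLDER", "450", t0 + timedelta(hours=4))
    attempt("next_day", "0xGOOD_PLACEHOLDER", "450", t0 + timedelta(hours=25))
    attempt("drain", DRAINING_TARGET, "100", t0 + timedelta(hours=25))
    for i in range(2):
        attempt(f"revert{i}", REVERTING_TARGET, "100", t0 + timedelta(hours=25))
    attempt("breaker_open", "0xGOOD_PLACEHOLDER", "100", t0 + timedelta(hours=25))
    out["breaker_is_open"] = gate.breaker.is_open
    return out


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(name, result)
```

Two design points worth noting: spend is recorded only after the simulation passes, so a rejected transaction never consumes budget, and the spend check runs before the simulation so a transaction over the cap never reaches the node at all. The breaker deliberately has no automatic reset; a run of failed dry runs is exactly the signal that something in the agent's inputs or the market has changed and a human should look.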

Details

Author
affaan-m
Repository
affaan-m/everything-claude-code
Created
4 months ago
Last Updated
yesterday
Language
JavaScript
License
MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Listed

ai-llm-safety

This skill should be used when designing, planning, implementing, or reviewing any system that involves LLM agents, tool use, prompt construction, or agentic workflows, or when the user asks to "add guardrails", "prevent prompt injection", "sanitize LLM output" — enforces prompt injection defense, tool safety, and context integrity

5 Updated today
alo-exp
AI & Automation Featured

langchain-security-basics

Apply LangChain security best practices for production LLM apps. Use when securing API keys, preventing prompt injection, sandboxing tool execution, or validating LLM outputs. Trigger: "langchain security", "prompt injection", "langchain secrets", "secure langchain", "LLM security", "safe tool execution".

2,274 Updated today
jeremylongshore
AI & Automation Solid

bagman

Secure key management for AI agents. Use when handling private keys, API secrets, wallet credentials, or when building systems that need agent-controlled funds. Covers secure storage, session keys, leak prevention, and prompt injection defense.

3,964 Updated 1 month ago
openclaw
AI & Automation Listed

prompt-guard

Runtime security scanner for AI agents. Detects prompt injection, jailbreaks, and 600+ attack patterns offline.

0 Updated today
fathanghani864
AI & Automation Listed

ai-threat-testing

Offensive AI security testing and exploitation framework. Systematically tests LLM applications for OWASP Top 10 vulnerabilities including prompt injection, model extraction, data poisoning, and supply chain attacks. Integrates with pentest workflows to discover and exploit AI-specific threats.

6 Updated yesterday
26zl