tdg-personal/llm-trading-agent-security
Security patterns for autonomous trading agents with wallet or transaction authority. Covers prompt injection, spend limits, pre-send simulation, circuit breakers, MEV protection, and key handling.
84
84%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Advisory
Suggest reviewing before use
Quality
Discovery
82%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a well-crafted description with strong specificity and excellent domain-specific trigger terms that clearly carve out a distinct niche. Its main weakness is the absence of an explicit 'Use when...' clause, which would help Claude know exactly when to select this skill over others.
Suggestions
Add a 'Use when...' clause such as 'Use when building or securing autonomous trading bots, crypto agents with wallet access, or when the user asks about transaction security, MEV protection, or agent spend limits.'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions/capabilities: prompt injection protection, spend limits, pre-send simulation, circuit breakers, MEV protection, and key handling. These are distinct, well-defined security patterns. | 3 / 3 |
Completeness | Clearly answers 'what does this do' (security patterns for autonomous trading agents covering specific areas), but lacks an explicit 'Use when...' clause or equivalent trigger guidance, which caps this at 2 per the rubric. | 2 / 3 |
Trigger Term Quality | Includes strong natural keywords users would say: 'trading agents', 'wallet', 'transaction', 'prompt injection', 'spend limits', 'circuit breakers', 'MEV protection', 'key handling'. These cover the domain well with terms a developer would naturally use. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive niche combining security patterns specifically for autonomous trading agents with wallet/transaction authority. The combination of blockchain/crypto trading security concepts (MEV, pre-send simulation, circuit breakers) makes it very unlikely to conflict with other skills. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
79%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a strong, actionable security skill with concrete, executable code examples covering the key threat vectors for autonomous trading agents. Its main weaknesses are the lack of an explicit sequenced workflow tying the layers together (especially important given the destructive nature of on-chain transactions) and the absence of progressive disclosure to external references for deeper topics. The conciseness and actionability are excellent.
Suggestions
Add an explicit sequenced workflow section showing how the layers compose in order (e.g., '1. Sanitize input → 2. Check spend limits → 3. Simulate tx → 4. Validate simulation output → 5. If valid, sign and send → 6. Log result') with validation checkpoints and error recovery paths.
Consider splitting deeper topics (MEV protection strategies, key management patterns, circuit breaker tuning) into referenced files to improve progressive disclosure and keep the main skill as a concise overview.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is lean and efficient. It doesn't explain what Ethereum is, what MEV means, or how Python works. Every section delivers a concrete pattern without preamble. The brief contextual sentences (e.g., 'Autonomous trading agents have a harsher threat model') earn their place by framing the threat model. | 3 / 3 |
Actionability | Each section provides executable Python code with real library imports (web3, eth_account), concrete patterns (regex injection detection, decimal spend limits, simulation-before-send), and specific constants. The code is copy-paste ready and covers the key security layers. | 3 / 3 |
Workflow Clarity | The skill presents independent security layers clearly but doesn't sequence them into an explicit workflow with validation checkpoints. The pre-deploy checklist is helpful but is a static list rather than a step-by-step process with feedback loops. For a domain involving destructive operations (sending transactions), the lack of an explicit 'validate → fix → retry' workflow caps this at 2. | 2 / 3 |
Progressive Disclosure | The content is well-structured with clear headers and a logical progression from injection defense through spend limits, simulation, circuit breakers, wallet isolation, and MEV protection. However, at ~120 lines it's getting long for a single file, and there are no references to external files for deeper dives on any topic (e.g., MEV strategies, key management best practices). | 2 / 3 |
Total | 10 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
Reviewed
Table of Contents