integrations
Facilitates management of external data sources and custom connectors for trading bots, enhancing data integration capabilities.
Install this skill
Security score
The integrations skill was audited on Feb 22, 2026 and we found 27 security issues across 4 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 120 | console.log(`Webhook URL: ${source.url}`); |
Template literal with variable interpolation in command context
| 136 | 'Authorization': `Bearer ${process.env.MY_API_KEY}`, |
Template literal with variable interpolation in command context
| 187 | console.log(`Signal: ${data.signal} ${data.symbol}`); |
Template literal with variable interpolation in command context
| 188 | console.log(`Confidence: ${data.confidence}`); |
Template literal with variable interpolation in command context
| 197 | console.log(`[${source}] ${JSON.stringify(data)}`); |
Template literal with variable interpolation in command context
| 209 | console.log(`${meeting.date}: ${meeting.probabilities}`); |
Template literal with variable interpolation in command context
| 224 | console.log(`Status: ${status.status}`); // 'healthy' | 'degraded' | 'error' |
Template literal with variable interpolation in command context
| 225 | console.log(`Last fetch: ${status.lastFetch}`); |
Template literal with variable interpolation in command context
| 226 | console.log(`Last error: ${status.lastError}`); |
Template literal with variable interpolation in command context
| 227 | console.log(`Fetch count: ${status.fetchCount}`); |
Template literal with variable interpolation in command context
| 228 | console.log(`Error count: ${status.errorCount}`); |
Webhook reference - potential data exfiltration
| 28 | /integrations add webhook "my-signals" Add custom webhook source |
Webhook reference - potential data exfiltration
| 88 | ### Add Custom Webhook Source |
Webhook reference - potential data exfiltration
| 91 | // Add webhook to receive custom signals |
Webhook reference - potential data exfiltration
| 92 | const source = await integrations.addWebhook({ |
Webhook reference - potential data exfiltration
| 96 | // Webhook config |
Webhook reference - potential data exfiltration
| 97 | path: '/webhooks/my-signals', |
Webhook reference - potential data exfiltration
| 98 | secret: process.env.WEBHOOK_SECRET, |
Webhook reference - potential data exfiltration
| 120 | console.log(`Webhook URL: ${source.url}`); |
Webhook reference - potential data exfiltration
| 121 | // POST to: https://your-domain.com/webhooks/my-signals |
Webhook reference - potential data exfiltration
| 255 | | **webhook** | External signals pushed to you | Instant | |
Webhook reference - potential data exfiltration
| 308 | MY_SIGNALS_WEBHOOK_SECRET=your-secret |
Webhook reference - potential data exfiltration
| 316 | 1. **Validate incoming data** — Use schemas for webhooks |
Access to .env file
| 98 | secret: process.env.WEBHOOK_SECRET, |
Access to .env file
| 136 | 'Authorization': `Bearer ${process.env.MY_API_KEY}`, |
External URL reference
| 121 | // POST to: https://your-domain.com/webhooks/my-signals |
External URL reference
| 133 | url: 'https://api.example.com/prices', |
Install this skill with one command
/learn @alsk1992/integrations