Is ccxt-mcp safe to install?

Security audit of lazy-dinosaur/ccxt-mcp · MCP Server by lazy-dinosaur · ★ 82

⚠ CAUTION Basic audit · rule-based scan · SlowMist 11 red-flag categories

Use with caution — ccxt-mcp triggered warning flags in AgentSkillsHub's security scan. It may be fine for personal trials, but review its credential handling and maintainer before brand or production use.

What it is: CCXT MCP Server bridges the gap between AI models and cryptocurrency trading by providing a standardized interface through the Model Context Protocol. Created to empower automated trading strategies, this tool allows AI assistants like Claude and GPT to directly interact with over 100 cryptocurrency exchanges without requiring users to write comple

Red flags detected (1)

Audit summary

Security grade⚠ CAUTION
Quality score71/100
GitHub stars82
LanguageTypeScript
LicenseMIT
Last updated

Check before you install

Run a live scan → Full details & install 5-dimension deep audit

This is AgentSkillsHub's free basic audit: an automated rule-based scan covering SlowMist's 11 red-flag categories (credential exfiltration, obfuscated payloads, sandbox escape, prompt injection, and more) across 117,000+ open-source AI agent skills and MCP servers, refreshed every 8 hours. A CAUTION grade is a scan result, not a guarantee — deep 5-dimension audits (code · credentials · vendor · supply-chain · operational) are available for enterprise. Audited: 2026-07-03.