This is a security pattern library for LLM agents that can actually spend money or sign transactions. It covers the defense-in-depth approach you need when a prompt injection could drain a wallet: input sanitization with regex blocklists, hard spend limits per transaction and per day, pre-send simulation with slippage checks, circuit breakers that halt on consecutive losses or drawdown thresholds, and wallet isolation so your agent never touches the main treasury. The examples are Python-heavy and Ethereum-focused but the patterns translate. If you're building anything where Claude has signing authority, this is the threat model checklist you should be working from.
npx -y skills add affaan-m/ecc --skill llm-trading-agent-security --agent claude-codeInstalls into .claude/skills of the current project.
Select a file.
giuseppe-trisciuoglio/developer-kit