I feel very uncomfortable in trading at Bitstamp (and some other exchanges) through the API, and I hope they did different decisions in their internal code. Why, oh why, did they think it was a good idea to send user and password when making requests ? This is too sensitive, and users very often pick the same password for different services. This data is ultimately going through HTTPS, but still..

Anyway, it would be easy to implement the private part of the API in https://github.com/knowitnothing/btcx/blob/master/btcx/bitstamp.py. Then it is a matter of creating a interface for placing the combined sell/buy order together with data pooling to decide when to actually sell and buy at the given value or condition.