After the hacked-bot used on the Binance platform (not Binance fault -- and they handled it superbly incurring a loss on themselves to reverse the hack, when they didn't have to), people will have to be pretty brave to use 3rd party bots? -- though not saying that this one is a "Trojan-bot" too, but just providing caution to the community. 
You should never give your API keys to a third party as they basically give full access to your money (no password and no double authentication).
I don't plan to let people use my bot, so no worries here haha