This is the ChatGPT version of the build. The strategy thinking is the same as the Claude Code guide; what changes is how you connect and how you apply guardrails — because ChatGPT can’t install the SecProve safety skill (that’s Claude-only). So on ChatGPT you carry the guardrails in yourself, as instructions. It’s a couple of extra steps, and then you’re running.

We’ll use NVIDIA (NVDA) and a bounded buy-the-dip strategy to keep it concrete — illustrations, not recommendations. Agentic trading can lose your whole funded balance; the method here keeps that exposure small and in your hands.

Step 1 — Prerequisites

  • A Robinhood individual investing account in good standing, on a desktop device.
  • A funding decision. We’ll use $500 — money you could lose entirely. (How much to fund.)

Step 2 — Connect ChatGPT to the Robinhood MCP

  1. Enable Developer Mode in ChatGPT.
  2. Settings → Apps → Create app.
  3. Enter the Robinhood Trading MCP link: https://agent.robinhood.com/mcp/trading
  4. Authenticate when prompted, and open + fund your agentic account with $500. Auth runs through Robinhood — ChatGPT never sees your credentials.

Full detail: connect ChatGPT to Robinhood.

Step 3 — Carry the guardrails in (the ChatGPT difference)

There’s no auto-applying safety skill on ChatGPT, so you supply the rules yourself — and you make them stick:

  1. Generate a conservative, $500 config with the SecProve Agent Safety Kit. It produces per-trade ($25), daily ($75), and concentration ($100) caps, an approval gate at $25, a circuit breaker, a kill switch, and a prompt-injection rule.
  2. Paste it into Settings → Personalization → Custom Instructions so it rides every conversation — not just one chat. Re-paste it at the top of a session if a thread runs long and context slips.
  3. Confirm ChatGPT reads them back to you before it places anything.

This is the one place ChatGPT asks more of you than Claude: the guardrails are only as durable as you make them, so put them in Custom Instructions, not a throwaway message.

Step 4 — Point it at NVDA, bounded

Give ChatGPT the strategy and its bounds in plain language (the strategy skills are Claude-only, but the playbook is the same):

"Watch NVDA. When it drops 2% or more in a day, buy $20 — but never exceed the caps in my instructions, and ask before any order of $25 or more. Stop buying once I hold $100 of NVDA."

Now it’s bounded: $20 dip-buys, up to $100 of NVDA, never more than $75/day, with the approval gate and injection rule in force.

Step 5 — The risks, and the control on each

  • Single-stock concentration → the $100 concentration cap keeps a rough NVDA week from becoming a rough account.
  • Falling knife → "buy every dip" averages down only to your $100 cap, then stops; your funded amount is the real floor. (What can go wrong.)
  • Guardrails can drift on ChatGPT → because they live in instructions, re-assert them in long sessions and keep them in Custom Instructions. The hard backstop is Robinhood’s funded-account isolation and disconnecting the app.
  • Prompt injection → if you let ChatGPT browse news to inform dips, keep news advisory and human-gated (next section). (How injection works.)

Advanced: let ChatGPT read the news

ChatGPT’s browsing makes news-aware trading easy — and the rule is simple: news informs the decision, never fires the order.

"Check today’s NVDA headlines and sentiment, summarize in three bullets, and tell me if it changes the dip thesis. Don’t place or size a trade from this — surface it and I’ll decide."

Keep news on the input side and your caps fixed regardless of how bullish a story reads, and you get a sharper agent without widening exposure. A confident headline is the cheapest thing to fake — that’s exactly why it stays advisory.

Stopping it

Say "STOP" to halt, and disconnect the Robinhood app in ChatGPT for the hard stop. (Kill switch.)

Prefer an agent that enforces the guardrails automatically? That’s the Claude Code build. Either way, the skill worth having is spotting an attack aimed at your agent — test yours at secprove.com.