`AutomationMaster::generateOrderId` does not generate unique IDs

`modifyOrder` does not check if the order is pending or not

`cancelOrder` is missing `nonReentrant` modifier, allowing a malicious contract tha created an order to cancel the order before completing the swap

Users can steal tokens from the StopLimit contract.

The `execute` function does not reset the authorization for the target contract after the call is completed, which can lead to contract funds being stolen.

Incorrect outdated price check in `PythOracle`

An attacker can create dead orders to DoS system.

The `OracleLess::createOrder` does not check for `MASTER::maxPendingOrders` and `Master::checkMinOrderSize`

No slippage protection in `sellVotes` function

Voucher can avoid slash