opentrade-portfolio

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These URLs direct you to an unvetted domain (6551.io) for credentials and instruct running a remote shell script (raw.githubusercontent.com/.../install.sh piped into sh) from a relatively unknown GitHub org (6551Team), a combination that is a common high-risk pattern for malware distribution or credential harvesting.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill requires calling external opentrade endpoints (e.g., the mandatory "opentrade trade routers" router discovery step that returns trader/api fields used for all subsequent commands) and even directs fetching an install script from raw.githubusercontent.com, so it clearly ingests untrusted public third‑party content that is parsed and used to decide tool use and next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's pre-flight steps explicitly run and re-run a remote installer via "curl -sSL https://raw.githubusercontent.com/6551Team/openskills/main/skills/opentrade/install.sh | sh" at runtime, which fetches and executes remote shell code and is required for the skill to function.