across-protocol-ai-agent-skill
Warn
Audited by Snyk on Feb 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill instructs runtime calls to the Swap API (e.g., GET/POST https://app.across.to/api/swap/approval) which return executable calldata and approval transactions that are relied upon by the integration and, when sent, execute remote contract logic—so the fetched content directly controls execution at runtime.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly for cross-chain token transfers, swaps, and fee collection and documents concrete APIs and functions for constructing and submitting on-chain transactions. It references Swap API endpoints that "return executable calldata to sign and submit" (GET/POST /swap/approval), manual construction of depositV3 calls, appFee/appFeeRecipient for integrator fee collection, App SDK programmatic integration, and on-chain intent construction (ERC-7683) and relayer operation. These are specific crypto/blockchain execution tools (wallet/transaction signing, swap/bridge operations, fee collection), i.e., direct financial execution capability.