bitflow-hodlmm-deposit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and ingests data from open/public third-party APIs (e.g., BITFLOW_API at https://bff.bitflowapis.finance in getPool/getBins/getUserBins and HIRO_API at https://api.hiro.so in getBalances/getContractInterface/getPendingTransactions) and then reads and interprets that data to build deposit plans and to decide/broadcast on-chain transactions, so untrusted external content can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a write primitive for on-chain token deposits: it builds and broadcasts an "add-liquidity" transaction on Stacks mainnet, requires a wallet (--wallet) that signs the write, and the documentation repeatedly states "This is a write skill and can move funds" and "deposits wallet token balances into HODLMM liquidity bins." This is a specific crypto/blockchain financial operation (wallet signing and broadcasting transactions to move funds), not a generic tool. Therefore it grants Direct Financial Execution Authority.