aicoin-account

Warn

Audited by Snyk on Mar 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill makes live requests to external services (AiCoin API at BASE=https://open.aicoin.com in lib/aicoin-api.mjs and multiple exchange APIs via CCXT in scripts/exchange.mjs) and directly reads and acts on those JSON responses (e.g., apiGet adds upgrade hints and check-tier.mjs/other scripts use API responses to decide tier, generate upgrade instructions, and guide follow-up actions), so untrusted third-party responses can materially influence the agent's decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly includes a "Transfer funds" command that moves assets between accounts on an exchange: e.g. node scripts/exchange.mjs transfer '{"exchange":"binance","code":"USDT","amount":100,"from_account":"spot","to_account":"future"}'. It also manages exchange API keys and interacts with specific crypto exchanges (Binance, OKX, Bybit, etc.). These are specific, non-generic financial operations (moving crypto/funds via exchange APIs), which meets the definition of Direct Financial Execution.

Issues (2)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 11, 2026, 02:55 PM
Issues: 2