wtpy

Warn

Audited by Snyk on Mar 5, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests public, untrusted third-party content: see SKILL.md "Documentation Sources" and the references/ files (e.g., URLs to https://wtdocs.readthedocs.io/, GitHub pages, and community docs) and runtime examples (ExtDataLoader, WtDHFactory/DataHelper using public data sources like tushare/baostock/RQData and loading CSVs or remote URLs), which the agent is expected to read and which can materially influence backtest/live trading behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). Yes. The skill is explicitly a quantitative trading framework and documentation for live trading and order execution. It contains live-trading code examples (WtEngine, env.run(), add_cta_strategy), references to "实盘交易" (real/production trading), modules for custom executors (ExtExecuter / order placement flow, "下单流程"), and explicit integrations with trading and market-data interfaces (connecting to CTP/openctp/XTP and similar trading and quote interfaces, "对接 CTP/openctp/XTP 等交易和行情接口") and a "CTA order placement API reference" ("CTA 下单接口详解"). These are specific tools and APIs whose primary purpose is placing market orders and executing trades, i.e., moving money/positions, so it qualifies as Direct Financial Execution capability.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 5, 2026, 03:41 PM