alphai-market

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and requires embedding session secrets (Cookie: dex_cookie=<...> and listenKey=<listen_key> in the WebSocket URL) and instructs generating connection/code examples that include those values verbatim, which forces the agent to handle and potentially output secrets directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow explicitly directs the agent to call the token-detail and snipe APIs (e.g., GET /smart-web-gateway/token/token-detail and POST /smart-web-gateway/snipe/list/new/{chain}) which return social media fields (Twitter/Telegram/Website), KOL mentions and AI-generated token narratives—untrusted, user-generated public content that the agent is expected to read and that can influence its recommendations and subsequent actions.