alphai

Fail

Audited by Snyk on Mar 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs copying a browser cookie (dex_cookie) and embedding it in request headers, and inserting listenKey values directly into WebSocket URLs. Both steps require handling and outputting secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's workflow and auth-guide explicitly show connecting to the alph.ai WebSocket (wss://ws.alph.ai/stream/ws?listenKey=...) and subscribing to feeds (e.g., /alphai-twitter KOL monitoring), so the agent ingests real-time, user-generated social media and market data from third-party sources that could influence its decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly an API navigation for a crypto/trading platform (Alph.ai) and documents concrete modules and endpoints that perform financial actions. It includes a /alphai-trading module described as "buying and selling, pending orders, copy trading, order queries, fees" and explicitly lists use cases such as placing orders, cancelling or modifying orders, setting buy/sell parameters and order management, i.e., sending market/limit orders. It also references wallet management in /alphai-user, market and chain data in /alphai-market (including gas fees), and detailed auth/connection steps (dex_cookie, listenKey, wss stream) needed to authenticate and open transactional WebSocket sessions. These are specific financial execution capabilities (placing trades and managing wallets), not generic tooling, so the skill meets the criteria for Direct Financial Execution.

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 16, 2026, 03:53 PM
Issues: 3