ai-strategy

Warn

Audited by Snyk on Feb 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill fetches live price data from the public API https://price.jup.ag/v4/price (see checkStrategy and getSolPrice) and directly uses those responses to decide and execute trades, so untrusted third‑party content can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly built to create and run trading strategies and to execute trades. It defines an /execute command with examples like "buy 0.5 SOL", "sell all BONK", "swap 1 SOL to USDC", and includes DCA, stop-loss, ladder orders, and immediate execution semantics. It also references on-chain trading infrastructure (Jupiter routes, Solana SPL tokens) and periodic monitoring that "executes trade when condition met." These are specific crypto/market-order capabilities to send transactions and move funds, not generic tooling — therefore it grants direct financial execution authority.

Audit Metadata

  • Risk Level: MEDIUM
  • Analyzed: Feb 20, 2026, 08:51 PM