copy-trading-solana

Warn

Audited by Snyk on Feb 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly monitors public Solana wallets and ingests on-chain transactions (SKILL.md: "Real-time monitoring via Solana WebSocket" and "Monitor target wallet for transactions") and the runtime code (index.ts) detects trades and automatically executes copy trades via Jupiter, meaning untrusted, user-generated blockchain data is read and directly drives trading actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). This skill is explicitly a crypto trading execution tool. It monitors Solana wallets and "execute[s] copy trade via Jupiter (best route)" using configurable parameters that control on-chain transactions (position size multiplier, max SOL per trade, slippage, buys/sells-only, stealth delay). It therefore directly performs blockchain trading/swaps via a specific aggregator (Jupiter), which is a crypto execution capability (wallet/trade execution), not a generic tool. This matches the Crypto/Blockchain category for Direct Financial Execution.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 20, 2026, 08:51 PM