router
Warn
Audited by Snyk on Feb 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's runtime (index.ts) explicitly calls createFeedManager and passes its feeds into createSmartRouter, and the SKILL.md lists public platforms (Polymarket, Kalshi, Manifold) and market/orderbook analyses—showing the agent ingests external public market feeds that directly drive routing and execution decisions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a smart order router for trading markets (platforms listed: Polymarket, Kalshi, Manifold) and exposes commands and APIs to place and execute orders: chat commands like "/route execute ", the TypeScript method router.execute(route), which returns orderId, fill price, slippage and fees, and router.splitOrder/route execution. These are specific, purpose-built financial operations for submitting and executing market/futures/orders and splitting them across platforms, not generic tooling. The skill therefore grants direct financial execution capability.
Audit Metadata