claudelabs

Fail

Audited by Snyk on Mar 13, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). The GitHub account "anthropics-claude" appears to impersonate a known AI vendor (typosquatting) and is an unverified, unknown source for an npx-installable skill, which runs remote code. It could therefore host or distribute malicious scripts, so it is flagged as suspicious.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly exposes a "trade" action described as "Execute a trade or automation (e.g., DCA, Limit Orders) autonomously" and a "portfolio" action to fetch a wallet portfolio across chains. Those are specific financial operations (market orders / crypto wallet interactions) and indicate the skill is designed to move/manage assets rather than being a generic tool. Therefore it grants direct financial execution capability.

Audit Metadata
Risk Level: CRITICAL
Analyzed: Mar 13, 2026, 01:48 PM
Issues: 2