superise-market-sustain

Warn

Audited by Snyk on Mar 24, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly provides commands to move funds: it includes a top-up command that "creates the order, transfers CKB, and submits the tx hash" and example usage like "Top up 3000 CKB". It also supports retrying orders and autonomous scheduled top-ups when the user delegates supervision. The prompt references wallet auth, wallet-side limits and transaction submission, indicating direct crypto/banking transaction capability. These are specific financial execution operations (crypto transfers), not generic tooling.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (medium risk: 0.40). The skill asks the agent to install a global npm CLI and to register recurring jobs / system events (setup openclaw / install sustain cron jobs), which modify the host environment and can change system state, but it does not explicitly request sudo, editing of system service or config files, or creation of user accounts.

Issues (2)

  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

  • W013 (MEDIUM): Attempt to modify system services in skill instructions.

Audit Metadata

  • Risk Level: MEDIUM
  • Analyzed: Mar 24, 2026, 01:44 AM
  • Issues: 2