binance-futures-signal-bot
Warn
Audited by Snyk on Apr 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests signals from untrusted third-party sources—Telegram channels, TradingView webhooks, and arbitrary custom API URLs (see "Signal Sources" and config.json entries in SKILL.md)—and uses those messages to decide and execute trades, so external content can directly influence agent actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill includes a runtime-configurable external signal endpoint ("custom_api_url": "https://your-signal-provider.com/signals") which, when used as the signal_source, is fetched at runtime and its returned messages directly control the bot's trading instructions (i.e., remote content controlling agent actions).
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly an automated trading bot for Binance, Bybit, and OKX Futures. It requires and documents exchange API keys (BINANCE_API_KEY, BYBIT_API_KEY, OKX_API_KEY), depends on crypto exchange libraries (python-binance, ccxt), and exposes actions like "Start Auto Trading", configurable leverage/position sizing, trailing stop-loss, position manager (view & close positions) and example code creating an exchange client and fetching balances. These are specific interfaces to place market/futures orders on crypto exchanges — i.e., direct financial execution.
Issues (3)
W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata