SunSwap DEX Trading

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill repeatedly instructs the agent to run sun-cli commands that fetch public, user/third-party data (e.g., "sun --json price" which queries SUN.IO, "sun --json pool search", "token list", "tx scan", and on-chain contract reads) as shown throughout SKILL.md, and the agent is expected to read and act on those results (quotes/dry-runs) to decide and execute transactions, so untrusted external content can materially influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a crypto trading/DEX tool that can send on-chain transactions. It instructs agents to install and use sun-cli with wallet credentials (TRON_PRIVATE_KEY, TRON_MNEMONIC, AGENT_WALLET_PASSWORD) and documents write operations that move funds: swap (execute token swaps), liquidity v2/v3/v4 add/remove/mint/increase/decrease/collect, generic contract send, and other transaction-producing commands. It includes flags to skip confirmation (--yes) and guidance for executing transactions and previews (--dry-run). These are specific crypto/blockchain wallet and transaction APIs intended to move money/tokens, so this grants Direct Financial Execution Authority.