alchemy-automation

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires adding and using the MCP server at https://rube.app/mcp at runtime (via RUBE_SEARCH_TOOLS / RUBE_MANAGE_CONNECTIONS / RUBE_MULTI_EXECUTE_TOOL), and that server-provided tool schemas and execution plans directly control the agent's prompts/instructions and enable remote tool execution.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for automating "Alchemy" operations via a dedicated Alchemy toolkit (toolkit "alchemy"). Alchemy is a blockchain/crypto API provider and the skill instructs using RUBE_* tool calls (search, manage connections, multi_execute) to discover and invoke Alchemy tool slugs. Those tool slugs (via the Alchemy toolkit) can include crypto-specific actions such as signing and sending transactions, managing wallets, and other on-chain operations. Because the skill is specifically designed around a crypto/blockchain API (not a generic HTTP or browser tool), it constitutes direct financial execution capability.