beaconchain-automation

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires connecting at runtime to the MCP endpoint https://rube.app/mcp to call RUBE_SEARCH_TOOLS and RUBE_MULTI_EXECUTE_TOOL, which fetch tool schemas/recommendations and execute remote toolkit operations that can directly control agent instructions or run remote code.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for "Beaconchain Automation" using a dedicated "beaconchain" toolkit. It directs connecting to that toolkit and executing discovered tool slugs via RUBE_MULTI_EXECUTE_TOOL. Because Beaconchain is a blockchain context and the toolkit is specifically for Beaconchain operations (i.e., crypto/blockchain), this skill is specifically designed to interact with blockchain functionality (which commonly includes wallets, signing, staking/validator ops and transactions). The ability to discover and execute composio beaconchain tools implies the agent can invoke blockchain operations that can move or manage crypto funds, so it constitutes direct financial execution capability.