dexhunter-swap

Warn

Audited by Snyk on Mar 22, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md and scripts (search-tokens.js, estimate-swap.js, build-swap.js) call dexhunter-client functions and require a DEXHUNTER_API_KEY to fetch token metadata, price and routing data from the external DexHunter service (public third‑party data). The agent ingests this data and uses it to decide routes and build transactions, so third‑party content can materially influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a crypto swap aggregator for Cardano DEXes: it estimates multi-DEX swaps, builds optimized swap transactions (producing unsigned CBOR hex), and references an operator for signing/submission. These are specific crypto transaction tools (swaps/building transactions/signing flow) rather than generic utilities, so it provides direct financial execution capabilities for blockchain asset transfers.

Issues (2)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

  • Risk Level: MEDIUM
  • Analyzed: Mar 22, 2026, 01:21 AM
  • Issues: 2