saturnswap-limit-orders

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow and scripts (SKILL.md "Check current prices" / "Find the pool" and scripts/preview-limit.js which calls getPool, getOrderBookAsks, getOrderBookBids) fetch live pool and order-book data from the public SaturnSwap API (user-generated/orderbook entries) and use that data to compute warnings and to decide/build transactions, so untrusted third-party content is read and can materially influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for placing and cancelling on‑chain limit orders on SaturnSwap (crypto trading). It defines specific functions/APIs and flows to build and submit transactions: createLimitOrder, cancelOrder, scripts create-limit.js/create-cancel.js, references UTxO IDs and bech32 addresses, and a handoff for signing/submission. This is a specific crypto/market-orders execution capability (not a generic tool), so it grants direct financial execution authority.