strike-perpetuals
Warn
Audited by Snyk on Mar 22, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill's runtime scripts (e.g., scripts/exchange-info.js and scripts/order-book.js) fetch exchange info and order-book data from Strike's public API (app.strikefinance.org) and those external responses are read and used to drive trading decisions and order placements, so untrusted third-party content can materially influence actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly and specifically designed to perform trading on Strike Finance v2: it requires an API wallet (Ed25519 keypair), describes auth and environment variables, and provides concrete scripts and commands to place market/limit/stop/strategy orders, set leverage (1–125x), cancel orders, and view/operate on positions. These are direct market-order and account-management operations (i.e., they can move funds and open/close leveraged positions). This meets the “Direct Financial Execution” criteria (market orders / crypto wallet-backed API).
Issues (2)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
W009
MEDIUM Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata