ccxt-ts-transpilation

Warn

Audited by Snyk on Feb 17, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). This skill's code and workflow perform runtime calls to open/public exchange APIs (e.g., publicGetApiV3Ticker24hr, other publicGet*/privatePost* endpoints and the example curl to https://api.binance.com/api/v3/ping) and directly parse/use those responses in methods like parseTicker and handleErrors, so it ingests untrusted third-party content.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly about CCXT, a cryptocurrency exchange trading library. The documentation describes adding exchange endpoints, the CCXT API (public/private methods auto-generated), sending market IDs to exchange APIs, and integration with an exchange connector (OctoBot-Tentacles). Exception mappings include trading-related errors (e.g., INSUFFICIENT_BALANCE/InsufficientFunds). These are specific, finance-focused capabilities for interacting with crypto exchanges (i.e., executing market actions), not generic tooling. Therefore it constitutes direct financial execution authority.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 08:15 AM