injective-trading-chain-analysis

Warn

Audited by Snyk on Mar 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to "Read the Go source ... or fetch from GitHub (InjectiveLabs/injective-core)," which requires ingesting public third-party code from GitHub that the agent must interpret and that can materially influence its analysis and actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly focused on Injective's exchange module and chain-level trading mechanics. It references concrete transaction/message types and trading operations such as MsgCreateDerivativeMarketOrder, MsgCreateDerivativeLimitOrder, MsgOffsetPosition, liquidation execution (ExecuteLiquidation), margin management, funding rates, and other market/order behaviors on the Injective blockchain. These are specific crypto/trading primitives (market orders, liquidations, position netting) rather than generic analysis tools, so the skill is specifically designed around financial execution-related functionality.

Issues (2)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 11, 2026, 11:28 AM
Issues: 2