binance-api-usage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches live/public Binance data (see scripts/historical_data.py, scripts/basic_ops.py, scripts/async_sockets.py and the SKILL.md "Market Data Retrieval"/"Order Execution" workflows) and reads that untrusted third‑party API content as part of its operation to make trading decisions and place orders (scripts/order_examples.py), so external data can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for interacting with the Binance exchange via python-binance and includes account & portfolio management and "Order Execution" (placing Market, Limit, OCO orders). It requires API keys and provides example scripts for executing trades. This is a specific tool designed to move funds / execute market orders on a crypto exchange, so it grants direct financial execution capability.