meme-trench-scanner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime code (scripts/scan_live.py and scripts/risk_check.py) repeatedly calls onchainos CLI commands (e.g., memepump tokens, token-details, token-trades, market kline, token info) to fetch public token/trade/launchpad data and uses those untrusted, user-/web-generated signals to make trading decisions (entry/exit), so third-party content is ingested and can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a cryptocurrency automated trading bot for Solana that integrates with the onchainos CLI and an Agentic Wallet (TEE) to build, sign, and broadcast on‑chain transactions. It includes concrete executable commands and flows for trading: onchainos wallet login/status/addresses, onchainos swap quote and onchainos swap swap to build transactions, and onchainos wallet contract-call for TEE signing + broadcast. The skill’s runtime (scan_live.py) contains try_open_position() and check_position() logic to open/close positions, and the interactive startup flow allows switching to Live Trading (PAPER_TRADE = False) and setting SOL exposure and per-trade sizes. All of these are specific, purpose-built capabilities to execute market orders and manage crypto funds (build/send swaps, sign transactions, manage balances). Therefore it grants direct financial execution authority.