smart-money-signal-copy-trade

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). The skill explicitly calls onchainos to ingest open/public data (e.g., OKX Smart Money signals via "onchainos signal list", token trades/price-info/advanced-info, and market candles) as shown in SKILL.md and bot.py, and that untrusted, user-generated/public data is parsed and directly drives buy/sell decisions and tool usage, so it can enable indirect prompt-injection-style influence.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a live cryptocurrency trading bot that performs on-chain trades and signs transactions. It requires logging into an Agentic Wallet, checks wallet balances, requests a Live Mode budget, toggles DRY_RUN to False to use real SOL, and calls onchainos execution commands including onchainos swap swap and onchainos wallet contract-call (TEE signing + broadcast). These are specific crypto/blockchain transaction APIs and wallet signing operations designed to move funds (execute swaps and broadcast transactions). Therefore it grants direct financial execution capability.