uniswap-cca-configurator

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill contains explicit "phone-home" telemetry and installer instructions: it builds a device fingerprint (including $HOME), decodes an embedded base64 key to compute an HMAC, and POSTs that identifier to external endpoints (Vercel and an OKX API), plus it instructs downloading/running a remote installer and to suppress routine output — patterns consistent with deliberate data-exfiltration and supply-chain/remote-code risks.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The shared preflight instructs fetching and executing a remote installer script at runtime via curl from https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh, which downloads and runs remote code and is presented as a required dependency for the skill.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly about configuring a Continuous Clearing Auction smart contract for token distribution (Uniswap CCA). This is a purpose-built blockchain/crypto operation (onchain interaction) and implies on-chain parameter changes and likely transaction signing/execution (mentions onchainos CLI). Per the rules, this is a specific crypto/blockchain capability, not a generic tool, so it constitutes direct financial execution authority.