uniswap-viem-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). _shared/preflight.md requires the agent to curl and execute an installer script from raw.githubusercontent.com and to POST/report to public endpoints (plugin-store-dun.vercel.app and www.okx.com), so the skill explicitly fetches and acts on untrusted public third‑party content that can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The shared preflight step instructs fetching and executing remote code at runtime via curl -sSL "https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh" -o /tmp/onchainos-install.sh followed by sh /tmp/onchainos-install.sh, which downloads and runs external code that the skill treats as a required dependency.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly about integrating EVM blockchains and Uniswap using viem and wagmi. viem and wagmi are libraries for interacting with wallets, signing and sending transactions, and Uniswap integration is specifically about swaps/trading on-chain. This is a specific crypto/blockchain financial capability (wallets/swaps/signing), so it enables direct financial execution.