top-rank-tokens-sniper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill repeatedly invokes the onchainos CLI to fetch public OKX/blockchain data (e.g., get_ranking/get_advanced/get_holders in scripts/ranking_sniper.py and many onchainos calls in risk_check.py such as token trades/advanced-info/security token-scan), and that untrusted, user-generated public data is parsed and directly drives buy/sell decisions and risk gates—so it clearly ingests third‑party content that can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a live cryptocurrency trading bot for Solana. It requires logging into an onchainos-managed wallet (TEE signing), exposes commands and functions to perform swaps and execute trades (e.g., onchainos swap swap --from ... --to ... --amount ... --wallet <addr> --slippage <pct>, onchainos wallet contract-call, onchainos wallet addresses, onchainos wallet balance, onchainos wallet order-status), and provides a live-mode flow that sets MODE="live", configures TOTAL_BUDGET and BUY_AMOUNT, unpauses trading, and starts the bot which automatically places buys/sells and manages exits. These are specific crypto-wallet, swap, signing and order-execution capabilities — i.e., direct financial execution.