wallet-tracker-mcap

Warn

Audited by Snyk on Apr 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill repeatedly invokes the onchainos CLI to fetch public, user-generated blockchain and market data (e.g., onchainos portfolio token-balances, onchainos token price-info, onchainos token advanced-info, and trade queries) and the agent directly reads and acts on that untrusted third-party content (wallet_tracker.py and SKILL.md show these calls driving safety checks, MC gating, and automatic buys/sells), so external content can materially change agent behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a crypto trading bot for Solana. It defines automated buy/sell flows, position sizing, stop-loss / take-profit, and mirror-sell behavior. It uses the onchainos CLI to build and execute on-chain transactions (onchainos swap swap, onchainos wallet contract-call) and requires wallet login/TEE signing. The Live mode allows the agent to autonomously sign and broadcast trades after user session authorization. This is a specific tool whose primary purpose is to send transactions and move funds on-chain, not a generic capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 15, 2026, 01:48 PM
Issues: 2