agentguard
Warn
Audited by Snyk on Feb 21, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly defines web3 transaction and signing capabilities (action types web3_tx and web3_sign) and provides concrete CLI commands to "decide", "simulate", and invoke transactions (node scripts/action-cli.ts decide/simulate --type web3_tx ... and --type web3_sign ... with chain-id, from, to, value, data, signer, message, etc.). The trust model includes web3-specific settings (web3.chains_allowlist, web3.rpc_allowlist, web3.tx_policy) and a "trading_bot" preset that names Exchange APIs (Binance, Bybit, OKX, Coinbase). These are specific, non-generic interfaces for crypto/exchange transaction execution and signing (i.e., direct financial execution).