openfin-hyperliquid
Warn
Audited by Snyk on May 3, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). This skill is explicitly a trading/integration skill for Hyperliquid and exposes multiple write actions that move or control real funds and positions. It defines and documents endpoints and MCP tools for placing and modifying market/perp/spot orders, batch cancels, TWAP execution, changing leverage and margin (which directly alter liquidation risk), upgrading account abstraction (auto-unify), and withdrawing USDC back to the user's wallet on Arbitrum. Examples: POST /agent/trading/orders (place orders), POST /agent/trading/twap (execute TWAP slices), POST /agent/trading/leverage and /agent/trading/margin (change leverage/margin), POST /agent/trading/abstraction (auto-unify write), POST /agent/trading/withdraw (send USDC to Arbitrum). The MCP tool list similarly includes place_order, place_twap_order, update_leverage, update_isolated_margin, withdraw_to_arbitrum, cancel_order, modify_order. These are specific, purpose-built financial execution capabilities (market orders, margin/leverage changes, withdrawals), so this meets the "Direct Financial Execution" criterion.
Issues (1)
W009
MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata