rwa-trade

Audit result: Fail

Audited by Snyk on Apr 2, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). The ondo.finance domain appears to be the legitimate Ondo site, but the skill explicitly instructs piping a raw GitHub-hosted shell script (raw.githubusercontent.com/outputlayer/rwa_cli/main/install.sh) directly into bash — a high-risk pattern because the repository/user reputation is unclear and remote .sh execution can deliver malware or backdoors.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill's prerequisite includes a runtime installation command that fetches and pipes remote code to a shell (curl -fsSL https://raw.githubusercontent.com/outputlayer/rwa_cli/main/install.sh | bash), which would execute external code at runtime and is used as the required install path if the rwa CLI is missing.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly provides commands to buy and sell tokenized stocks/ETFs on Solana (e.g., rwa gm buy TSLA 100 -y, rwa gm sell SPY 50% -y), includes quoting and execution workflows, wallet management (rwa keys show, rwa keys generate), and requirements for SOL/USDC for gas/funds. The -y flag skips confirmation, enabling automated execution. This is a specific financial/trading tool (blockchain trading and wallet operations), not a generic interface — therefore it grants direct financial execution capability.

Issues (3)

  • E005 (CRITICAL): Suspicious download URL detected in skill instructions.
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Apr 2, 2026, 11:49 PM
Issues: 3