strategy-memepump-scanner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill repeatedly fetches and ingests public token data (e.g., "Every 10 seconds, fetches MIGRATED pump.fun tokens from OKX Trenches API" and cross-skill calls like plugin-store memepump token-details, token-dev-info, token-bundle-info) and directly uses that untrusted, user-generated third‑party content to drive signal detection and automated trading decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill runs curl | sh at runtime to install required runtime components (onchainos and plugin-store/strategy), e.g. https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh, https://raw.githubusercontent.com/okx/plugin-store/main/install.sh, and https://raw.githubusercontent.com/okx/plugin-store/main/install_strategy.sh which fetch and execute remote code and are required dependencies.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading bot that performs on-chain crypto trades. It contains commands to execute trades (e.g., strategy-memepump-scanner tick / start), an execution pipeline step "try_open_position ← Liquidity check + quote + swap + broadcast", position sizing and slippage parameters (sol_per_trade, slippage_pct, max_sol), automatic buy/sell/TP/SL logic, and integration with a signing wallet (onchainos wallet TEE signing). It is specifically designed to move cryptocurrency (open/close positions, broadcast swaps), not a generic tool. This matches the crypto/blockchain category (wallets, swaps, signing), so it grants direct financial execution authority.