dapp-aave

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). These are suspicious because the skill instructs curling and piping a raw shell script from an unknown personal GitHub repo (raw.githubusercontent.com/purong-huang-1121/skills-store/install.sh), which enables arbitrary remote code execution; although github.com/okx/plugin-store may be legitimate, the direct .sh from an untrusted account is a high-risk download vector.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's pre-flight steps explicitly run and re-run the installer via "curl -sSL https://raw.githubusercontent.com/purong-huang-1121/skills-store/main/install.sh | sh" at runtime, which fetches and directly executes remote code and is required to install/update the plugin-store dependency.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed for DeFi financial operations on Aave V3. It provides dedicated transaction commands (supply, withdraw, borrow, repay) that require an EVM private key (EVM_PRIVATE_KEY) to sign on-chain transactions and return transaction hashes. These are not generic tools — they are specific crypto/blockchain transaction operations (wallet signing and funds movement). Therefore it grants direct financial execution capability.