strategy-auto-rebalance
Warn
Audited by Snyk on Apr 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests data and code from public third-party sources — e.g., Morpho GraphQL and DeFiLlama API for yield/vault discovery and GitHub raw install scripts/curl hits in the Pre-flight steps — and the daemon directly reads those responses to decide and execute rebalances, so untrusted external content can materially influence tool use and actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill's pre-flight explicitly runs remote install scripts via curl piped to sh (e.g. https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh, https://raw.githubusercontent.com/okx/plugin-store/main/install.sh, https://raw.githubusercontent.com/okx/plugin-store/main/install_strategy.sh). These scripts execute fetched code at runtime and are used to install the required runtime dependencies (onchainos / plugin-store / strategy-auto-rebalance).
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a DeFi fund-management daemon that performs on-chain financial operations. Evidence in the prompt:
- Purpose: "auto-rebalance USDC ... across Aave V3, Compound V3, and Morpho" — clearly designed to move USDC between protocols.
- Execution steps: Decision Logic and "Execute" step specify on-chain transactions: "approve + withdraw + verify wallet balance + deposit + verify target balance".
- Auto actions: "Auto-deposit: If wallet has idle USDC ... deposits into the best protocol automatically" and "Emergency Withdraw" on TVL drop >30%.
- CLI behavior: "strategy-auto-rebalance start" requires wallet auth and will carry out rebalancing (auth requirement noted in Command Index).
- Authentication: Requires onchainos wallet login and uses onchainos TEE signing to sign transactions.
All of the above are specific crypto/blockchain fund-moving capabilities (wallet-based signing, deposit/withdraw, automated trades); therefore this skill provides Direct Financial Execution Authority.
Issues (3)
- W011 MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
- W012 MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
- W009 MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).