strategy-ranking-sniper

Fail

Audited by Snyk on Mar 16, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 1.00). The URL points to a raw shell script on a personal/unknown GitHub account and the skill explicitly instructs piping that script into sh — a high-risk pattern because arbitrary scripts from untrusted repos can execute malware or steal secrets.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill directly fetches and ingests live public data from OKX Onchain OS MCP (e.g., dex-okx-market-token-ranking, dex-okx-market-token-advanced-info, dex-okx-market-token-holder via https://web3.okx.com or the onchainos CLI) and explicitly uses those external token/ranking/holder fields to compute scores and drive buy/sell decisions, so third-party content can materially influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a cryptocurrency trading bot that performs automated on-chain and exchange swaps. It requires OKX API keys and a Solana private key, lists OKX trade execution endpoints (/api/v6/dex/aggregator/swap, /api/v6/dex/pre-transaction/broadcast-transaction) and Solana RPC methods (sendTransaction, getLatestBlockhash), and exposes commands that execute trades (tick, start, test-trade, sell, sell-all) including parameters for budget and per-trade amounts. It instructs signing and broadcasting transactions, handles tx_hash in outputs, and includes money-management fields (budget_sol, per_trade_sol, slippage_pct, etc.). These are specific, primary functions to move crypto funds (signing and broadcasting swaps), so it grants direct financial execution authority.

Issues (4)

  • E005 (CRITICAL): Suspicious download URL detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 16, 2026, 06:44 PM
Issues: 4