glam
Warn
Audited by Snyk on Apr 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a Solana DeFi/vault management tool with CLI and SDK functions that perform on-chain financial actions. It requires a keypair and RPC, and exposes specific transaction-capable commands/APIs: token swaps (JupiterSwap), perp/spot trading (DriftProtocol), deposits/lending (KaminoLend), bridging USDC (CCTP), token transfers, mint/issue/burn/forceTransfer of share tokens, staking and vault deposit/withdraw workflows. These are concrete crypto/blockchain transaction operations (sending transactions, trading, minting, bridging), not generic tooling, so it grants direct financial execution authority.
Issues (1)
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata