squads

Fail

Audited by Snyk on Feb 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.85). The prompt includes examples that embed secrets directly into code and HTTP headers (e.g., Keypair.fromSecretKey(/* your secret key */), "Authorization: Bearer ${apiKey}", hardcoded OTP), which encourages the LLM to accept and output secret values verbatim and therefore poses a high exfiltration risk.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to move money. It documents SDKs and REST APIs for on-chain and off-chain payment operations (Squads V4 multisig + Smart Account + Grid). Examples show creating multisig vaults, building and signing transfer instructions (SystemProgram.transfer), creating and executing vault transactions (multisig.rpc.vaultTransactionCreate / vaultTransactionExecute), spending-limit creation and use, session keys with "transfer"/"swap" permissions, direct debits/subscriptions, and Grid REST endpoints for creating payment intents and standing orders. It also includes program IDs and PDAs for wallets and vaults. These are specific crypto/blockchain and payment APIs that enable sending funds and managing payment flows—so this grants Direct Financial Execution authority.
Audit Metadata

  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 09:15 PM