whale-index
Warn
Audited by Snyk on Mar 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly pulls and re-fetches public Discovery leaderboard and trader data (via discovery_top_traders, discovery_get_trader_state, discovery_get_trader_history) as part of the required workflow (SKILL.md and references/daily-monitoring.md), and the agent uses that untrusted, user-generated content to score traders and drive allocation, monitoring, and swap/execution decisions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly designed for trading and copy-trading operations and includes named APIs that perform trading lifecycle actions: creating mirror strategies (strategy_create_mirror), checking strategy/clearinghouse state (strategy_get_clearinghouse_state), closing strategies/teardown (strategy_close_strategy), and instructions to allocate user budget, execute swaps, and return funds to the main wallet. These are specific, finance-focused operations that would initiate and manage real trades and fund movements rather than generic browsing or HTTP calls. Therefore it grants direct financial execution capability.