trading

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to use the external GDEX API at https://trade-api.gemach.io/v1 for token-discovery (trending tokens, token details) and copy-trading, so the agent will fetch and act on third-party/untrusted token and trader data that can materially influence trading decisions and tool use.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading SDK that performs financial operations: it provides an API (https://trade-api.gemach.io/v1) and sub-skills for spot trading, perpetual futures (open/close/manage positions), deposit/withdraw perp margin, placing/updating/canceling limit orders, cross-chain bridging/execution, and portfolio management. It requires API keys and a CONTROL_WALLET_PRIVATE_KEY (managed-custody signing) and includes functions like loginWithApiKey — all of which are specific, actionable primitives for moving funds and executing trades. This is not a generic toolset (browser automation or generic HTTP); it is specifically designed to send transactions and manage assets.