swapper-integration
Warn
Audited by Snyk on Mar 3, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's mandatory Phase 0 "Pre-Research (Use WebFetch / WebSearch)" explicitly instructs the agent to search for and fetch public third-party resources (official docs, Swagger/OpenAPI specs, GitHub repos, API endpoints) and then uses those fetched API docs/responses to determine integration logic and runtime behavior (e.g., slippage format, transaction construction), which exposes the agent to untrusted, user-generated public content that can materially influence actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). This skill is explicitly and specifically designed for crypto financial operations. It integrates DEX aggregators and swappers, interacts with swapper APIs, fetches executable quotes, constructs transaction metadata (to, data, value, gas), provides getUnsignedEvmTransaction and executeEvmTransaction logic, and supports deposit-to-address and order-based execution models (including swap IDs and status polling). Those are direct mechanisms to create, sign/prepare, and execute on-chain value transfers (swaps/bridges). Therefore it grants direct financial execution capability.
Audit Metadata