crypto-bd-agent

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). This is a GitHub repository from an unverified/unknown account that appears to contain scripts and instructions to run code related to crypto operations (payments, wallet interactions), and while GitHub is a common host, unreviewed repos that ask you to download/execute code are a moderate-to-high risk and should be thoroughly audited before running.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and scrape public, user-generated sources (see "Intelligence Gathering" → "Recommended Source Categories" including "Web Scraping", "Community", DexScreener, Protocol forums, social metrics) and uses those signals directly in the 100-point scoring and outreach/pipeline decisions, so untrusted third-party content can materially influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly focused on cryptocurrency business development and includes concrete, crypto-specific financial operations: "x402 micropayments" and "autonomous payment workflows (x402)" (with budget details ~ $0.30/day), instructions that "x402 payments ONLY through verified endpoints," and "Separate wallets: payments, on-chain posts, LLM routing." It also requires on-chain actions such as registering agents via ERC-8004 (writes to blockchain) and managing wallets for payments and on-chain posts. These are specific crypto/blockchain payment and wallet functions (not generic browser or HTTP tooling), so the skill grants direct financial execution capabilities.