@1826/woofi-swap-optimizer
Warn
Audited by Snyk on Mar 19, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests real-time quotes from public, third-party APIs (e.g., https://api.woo.org/v3/public/, https://api.1inch.dev/, https://api.0x.org/, https://apiv5.paraswap.io/) via web_fetch as part of its required workflow and then uses that untrusted content to choose and execute swap routes, so external content can directly influence agent decisions and actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly designed to execute cryptocurrency swaps. It requires loading a wallet policy, checking wallet balances, constructing an on-chain WOOFi swap transaction, and calling wallet_transfer with encoded calldata to broadcast the swap. It references specific crypto swap APIs (WOOFi, 1inch, 0x, Paraswap), cross-chain bridging, and detailed execution steps (tx construction, signing via wallet, broadcast, and logging). These are specific crypto financial execution functions (not generic browser/API tooling), so the skill grants direct financial execution authority.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).