swap-integration

Warn

Audited by Snyk on Apr 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). This skill fetches and directly acts on responses from the public Uniswap Trading API (https://trade-api.gateway.uniswap.org/v1) — see the SKILL.md "Trading API" sections where quote/swap responses are read and used to decide permitData/signature handling and to build/execute transactions — so third-party API content can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly and specifically designed to perform cryptocurrency financial operations: it documents Uniswap Trading API endpoints (/check_approval, /quote, /swap), the Universal Router SDK and smart-contract execute() calls, Permit2 signing flows, wallet sendTransaction examples, and backend/frontend code to obtain quotes and broadcast swap transactions. It provides concrete request/response shapes for executing swaps, signature handling, and examples that call walletClient.sendTransaction / walletClient.writeContract and simulate/submit transactions. This is a direct crypto transaction execution integration (moving tokens/funds), so it meets the Direct Financial Execution criteria.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 28, 2026, 09:41 PM
Issues: 2