uniswap-v4-lp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill actively reads public on-chain data (e.g., calling StateView.getSlot0, PositionManager.getPoolAndPositionInfo, and Clanker fee contract via the public RPC URL https://mainnet.base.org) and uses that untrusted, third-party blockchain state (including pool hooks/fee flags and token data) to decide and construct transactions, so external content can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly performs blockchain financial operations: it requires a private key, signs and sends transactions (add/remove liquidity, DECREASE/INCREASE_LIQUIDITY, collect fees, claim from a fee contract), performs token swaps via Uniswap V3 SwapRouter02, and transfers harvested USDC to specified addresses. These are direct crypto/transaction execution capabilities (wallet management, swaps, transfers, contract calls), not generic utilities. Therefore it grants Direct Financial Execution Authority.