solanatracker-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's scripts and SKILL.md show runtime requests to the public SolanaTracker service (e.g., https://data.solanatracker.io endpoints such as GET /tokens/{token}, /tokens/{token}/holders/top20, /pnl/{wallet} and the WebSocket datastream wss://datastream.solanatracker.io) and the agent directly reads and acts on that returned token/holder/PnL data (risk scoring, trading/bundler assessments), so untrusted third‑party content can materially influence behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly advertises a self-hosted DEX aggregator ("Raptor") and "self-hosted swap execution" supporting 25+ DEXes, references a Swap API and execution scripts/docs, and points to Raptor deployment and execution tooling. Those are crypto/blockchain transaction and swap capabilities (i.e., designed to move funds), not just generic data/read-only endpoints. Therefore it provides direct financial execution capability.