caw-eval
Warn
Audited by Snyk on Apr 30, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill's server-setup steps include runtime commands that fetch and execute remote scripts, e.g. curl -fsSL https://raw.githubusercontent.com/CoboGlobal/cobo-mpc-sdk/main/scripts/install.sh | bash and curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -. External content is therefore fetched at runtime and executed (the second command as root via sudo) as a required part of provisioning. Neither URL is pinned to an immutable revision (the first tracks the main branch of the repository) and neither script is checked against a digest or signature before it runs, so the content reviewed in this audit is not guaranteed to be the content that executes on the host.
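The following POSIX shell script is an added example; it is not code from the caw-eval skill or from Snyk. It shows the two checks a reviewer would run over a skill's setup steps (flag fetch-and-execute pipelines, and flag GitHub raw URLs that track a branch instead of a commit) and the provisioning pattern that should replace pipe-to-shell: download to a file, compare its SHA-256 against a digest recorded in the skill, and only then execute it. The sample step list is constructed from the two commands quoted above plus two invented lines; the example.invalid URL is a placeholder, and the digest gate is a general pattern, not something the skill implements.

```shell
#!/bin/sh
# Added example, not code from the audited skill or from Snyk. It shows how a
# reviewer can flag fetch-and-execute steps and what the safer provisioning
# pattern looks like: download to a file, compare its SHA-256 against a digest
# recorded in the skill, and only then execute it.

# Constructed sample of setup steps: the first two lines are the commands
# quoted in the finding, the last two are invented to exercise the matcher.
SAMPLE_STEPS='curl -fsSL https://raw.githubusercontent.com/CoboGlobal/cobo-mpc-sdk/main/scripts/install.sh | bash
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
apt-get install -y nodejs
wget -qO- https://example.invalid/get.sh | sh'

# Print every line where the output of curl/wget is piped, optionally through
# sudo, straight into a shell interpreter (sh, bash, zsh, dash).
find_pipe_to_shell() {
    printf '%s\n' "$1" |
        grep -E '(curl|wget)[^|]*\|[[:space:]]*(sudo([[:space:]]+-[A-Za-z]+)*[[:space:]]+)?(ba|z|da)?sh([[:space:]]|$)'
}

count_pipe_to_shell() {
    find_pipe_to_shell "$1" | wc -l | tr -d ' '
}

# A raw.githubusercontent.com URL is pinned only when its ref segment is a full
# 40-hex commit id. A branch name such as "main" can change between the audit
# and the install, so the audited content is not necessarily what runs.
is_pinned_github_raw() {
    printf '%s\n' "$1" |
        grep -Eq '^https://raw\.githubusercontent\.com/[^/]+/[^/]+/[0-9a-f]{40}/'
}

# SHA-256 of a file, using sha256sum (GNU) or shasum (BSD/macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Succeed only when FILE's digest equals EXPECTED (lowercase hex).
verify_digest() {
    [ "$(sha256_of "$1")" = "$2" ]
}

# Run FILE with sh only after the digest check passes. A skill that genuinely
# needs a remote installer should ship EXPECTED next to a commit-pinned URL,
# so the bytes that were reviewed are the only bytes that can execute.
run_verified() {
    if ! verify_digest "$1" "$2"; then
        echo "refusing to run $1: SHA-256 does not match the recorded digest" >&2
        return 1
    fi
    sh "$1"
}

# Usage as a standalone check: list the fetch-and-execute steps and report
# whether the GitHub URL from the finding is pinned to a commit.
echo "fetch-and-execute steps found: $(count_pipe_to_shell "$SAMPLE_STEPS")"
find_pipe_to_shell "$SAMPLE_STEPS"
if is_pinned_github_raw 'https://raw.githubusercontent.com/CoboGlobal/cobo-mpc-sdk/main/scripts/install.sh'; then
    echo "install.sh URL is pinned to a commit"
else
    echo "install.sh URL tracks a branch (main), not an immutable commit"
fi
```

Run as is and it reports three pipe-to-shell steps in the constructed sample and flags the install.sh URL as branch-tracking. To gate a real installer, fetch it with curl -fsSL -o installer.sh, record the digest once at review time, and call run_verified installer.sh with that digest in the skill's setup step instead of the pipe.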
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly built to evaluate CAW (Cobo Agentic Wallet) agents on transaction-related scenarios. Evidence:
- The Recipe mode is described as "transaction construction evaluation" (交易构建评测), and scoring explicitly includes tx_construction_correctness and tx_submission_success.
- It states that it "only evaluates whether the transaction was correctly constructed/submitted" (仅评估交易是否被正确构建/提交), and the dataset targets Ethereum Sepolia with the cases transfer / swap / lend / dca, i.e. on-chain financial operations.
- The server setup references caw/onboarding/deposit/verification (caw/onboarding/充值/验证) steps, and the orchestration dispatches agents to run these transaction scenarios.
This is not a generic automation tool: its primary and explicit purpose includes constructing and submitting crypto transactions. Under the core rule (crypto/wallets/swaps/signing/transaction submission) this constitutes Direct Financial Execution capability. The dataset named here targets the Sepolia testnet, but the classification is by capability (wallet access, signing, submission) rather than by the network a particular dataset happens to use.
Issues (2)
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
W009
MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).