dflow-spot-trading

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs the agent to ask the user for a DFlow API key and to use an x-api-key on every direct HTTP request (and to generate scripts that perform HTTP calls), which encourages embedding a secret value verbatim into generated requests/code and therefore creates an exfiltration risk.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a Solana token trading integration (dflow-spot-trading). It defines API endpoints and CLI commands to build, sign, and broadcast on-chain swap transactions (e.g., /order returns a VersionedTransaction to be signed and submitted; CLI dflow trade “manages keys, signs, broadcasts”). It includes sponsor/gasless features (sponsor= and co-signing), priority-fee control, and requires DFlow API keys. These are specific, purpose-built financial execution primitives (sending transactions that move funds), not generic tooling.