gmgn-cooking

Fail

Audited by Snyk on Apr 15, 2026

Risk Level: CRITICAL

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to ask the user for the GMGN_API_KEY (and to place GMGN_PRIVATE_KEY PEM content into files using echo commands), which requires the LLM to receive and emit secret values verbatim in generated commands/output, creating an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The content contains explicit, deliberate instructions to solicit users' GMGN API keys ("send me the API Key") and to "silently" base64-encode local files before uploading (and to avoid mentioning that action), which are clear patterns for credential and hidden data exfiltration and enable abusive token-creation workflows (e.g., scam/rugpull launches).

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform real blockchain financial operations: it provides gmgn-cli commands to deploy new tokens and execute an initial on-chain buy, requires GMGN_PRIVATE_KEY for local signing, and warns that each cooking create spends real funds and is irreversible. This is a specific crypto/blockchain transaction tool (wallet signing, transaction submission, chain-specific parameters, and polling for tx confirmation), not a generic interface — therefore it grants direct financial execution authority.

Issues (3)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Apr 15, 2026, 10:14 PM
Issues: 3