install-moomoo-opend

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill fetches and runs remote installers at runtime from URLs such as https://www.moomoo.com/download/fetch-lasted-link?name=opend-windows (with fallbacks like https://www.futunn.com/download/fetch-lasted-link?name=opend-windows and direct binaries from https://softwaredownload.moomoo.com/moomoo_OpenD_{VERSION}_Windows.7z), which the skill relies on and executes as installers/binaries, so these external links present a high-risk runtime dependency.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). This skill instructs the agent to automatically download and install system-level software (platform installers, dpkg/rpm installs, apt/yum package installation, copying to /Applications, firewall guidance) and to upgrade/install packages which modify the host system and may require elevated privileges, so it pushes the agent to change machine state.