messari-alpha-scout

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly fetches external data from Messari's public APIs (e.g., https://api.messari.io/signal/v1/assets/mindshare-gainers-24h, https://api.messari.io/v1/current, https://api.messari.io/news/v1/news/feed) and passes those headlines/signals into the AI narrative synthesis (Step 5), which the agent uses to form recommendations and potentially drive trading actions, so untrusted third-party content can materially influence behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly interacts with crypto wallets and includes commands to check on-chain balances and to execute token swaps. Examples: "mp token balance list --wallet main --chain base" (checks wallet USDC balance) and the documented trade command "mp token swap --wallet main --chain base --from-token usdc --from-amount --to-token ". It also references payments in USDC on Base and related "moonpay-swap-tokens" (execute trades) skill. These are specific crypto/transaction actions (wallet, balance, and swap), not just generic data fetching, so it grants direct financial execution capability.