meme-trench-scanner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's runtime code (scan_live.py and scripts/risk_check.py) calls the onchainos CLI to fetch public, user-generated third-party data — e.g., memepump tokens/token-details, token trades, market kline, token info/logo — and directly reads and acts on that data to decide and execute trades, so untrusted external content can materially influence agent behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a cryptocurrency automated trading bot for Solana that integrates with the onchainos CLI and an Agentic Wallet (TEE) to build, sign, and broadcast on‑chain transactions. It includes concrete executable commands and flows for trading: onchainos wallet login/status/addresses, onchainos swap quote and onchainos swap swap to build transactions, and onchainos wallet contract-call for TEE signing + broadcast. The skill’s runtime (scan_live.py) contains try_open_position() and check_position() logic to open/close positions, and the interactive startup flow allows switching to Live Trading (PAPER_TRADE = False) and setting SOL exposure and per-trade sizes. All of these are specific, purpose-built capabilities to execute market orders and manage crypto funds (build/send swaps, sign transactions, manage balances). Therefore it grants direct financial execution authority.