smart-money-signal-copy-trade

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill directly ingests untrusted public third‑party data via the onchainos CLI (e.g., onchainos signal list, token advanced-info, token trades, market candles, and security token-scan calls shown in bot.py and risk_check.py) and uses those signals and token metadata to make buy/sell decisions, so external/user-generated content can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a live cryptocurrency trading bot that performs on-chain trades and signs transactions. It requires logging into an Agentic Wallet, checks wallet balances, requests a Live Mode budget, toggles DRY_RUN to False to use real SOL, and calls onchainos execution commands including onchainos swap swap and onchainos wallet contract-call (TEE signing + broadcast). These are specific crypto/blockchain transaction APIs and wallet signing operations designed to move funds (execute swaps and broadcast transactions). Therefore it grants direct financial execution capability.