strategy-ranking-sniper
Fail
Audited by Snyk on Mar 17, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). These links include raw shell scripts and release endpoints from an unvetted personal GitHub account (plus a cloud doc link) and the skill explicitly instructs curl|sh and installing/running binaries — a high-risk pattern for distributing malware or running arbitrary code.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and parses public OKX Onchain OS MCP / onchainos data (e.g., dex-okx-market-token-ranking, dex-okx-market-token-advanced-info, dex-okx-market-token-holder as shown in SKILL.md and engine.py's fetch_* / run_onchainos calls) and directly uses that untrusted, third-party token/ranking/holder content to drive buy/sell decisions and tool use, so it is exposed to indirect prompt-injection risk.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill's pre-flight/install steps run curl | sh against remote install scripts—specifically https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh, https://raw.githubusercontent.com/purong-huang-1121/skills-store/main/install.sh, and https://raw.githubusercontent.com/purong-huang-1121/skills-store/main/install_strategy.sh (used at runtime to install required binaries)—which executes remote code fetched from those URLs; these scripts are required dependencies for the skill.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a trading bot for Solana and includes concrete, specific mechanisms to execute financial transactions: CLI commands that perform buys/sells (tick, start, test-trade, sell, sell-all), configurable budget and per-trade amounts, and explicit Trade Execution APIs (/api/v6/dex/aggregator/swap, /api/v6/dex/pre-transaction/broadcast-transaction). It also uses Solana RPC methods (sendTransaction, getLatestBlockhash, getSignatureStatuses) and onchainos wallet TEE signing for transaction signing. These are direct crypto trade/wallet signing and broadcast capabilities — not generic tooling — so it grants direct financial execution authority.
Issues (4)
E005
CRITICAL: Suspicious download URL detected in skill instructions.
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
W009
MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata