dflow

Warn

Audited by Snyk on Apr 19, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). At runtime the skill fetches https://quote-api.dflow.net and https://api.prod.dflow.net (and the WebSocket wss://api.prod.dflow.net/ws) to retrieve base64-encoded transactions and swap/instruction payloads, which the agent deserializes, signs and sends on-chain. Whatever these endpoints return is therefore executed with the agent's signing key, so they control the executable instructions at runtime. Unless the agent decodes and inspects (or simulates) each returned transaction before signing, a compromised or impersonated endpoint can get arbitrary instructions, including transfers out of the agent's wallet, signed and submitted.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a trading SDK for the Solana blockchain (DFlow). It exposes Swap and Trade APIs, order/quote/swap endpoints, and examples that construct, sign (with a Keypair, i.e. a private key) and send transactions (connection.sendTransaction, submit-intent, POST /swap, GET /order, /order-status). It directly enables token swaps, market orders, prediction-market trades, fee collection and programmatic execution, including an agent kit that accepts a private key. This is a direct crypto/blockchain financial execution capability: the key handed to the agent has full spend authority over the wallet, so it should be a dedicated, low-balance hot wallet, and every transaction should be checked against what was actually requested before it is signed.
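What a practitioner would want from both findings above (W012, untrusted transaction bytes from a remote endpoint; W009, a key with spend authority) is a concrete pre-signing check. The block below is an added example, not code from the DFlow SDK, the audited skill or Snyk's report: it decodes a base64 Solana transaction of the kind the quote endpoint returns, using a hand-written parser for the legacy and v0 message formats so that it runs offline without @solana/web3.js, and refuses to sign unless the fee payer is our key, every instruction targets an allowlisted program, and no lamports leave for an unapproved account. The sample transactions, the filler keys and the SWAP_PROGRAM placeholder are constructed for illustration; DFlow's real program IDs are not stated on this page and have to be taken from its documentation.

```javascript
// Pre-sign inspection of a base64 transaction returned by a quote/swap endpoint.
// Added example, not DFlow or Snyk code: a hand-rolled parser for the Solana legacy
// and v0 message formats (no @solana/web3.js, runs offline) plus the allowlist
// check an agent should run before it signs anything with its Keypair.

const B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
function base58(bytes) {
  let n = 0n, out = "", zeros = 0;
  for (const b of bytes) n = n * 256n + BigInt(b);
  while (n > 0n) { out = B58[Number(n % 58n)] + out; n /= 58n; }
  while (zeros < bytes.length && bytes[zeros] === 0) zeros++;
  return "1".repeat(zeros) + out;           // leading zero bytes encode as '1'
}

// Solana "shortvec" length prefix: 7 bits per byte, high bit set = more bytes follow.
function readCompactU16(buf, pos) {
  let value = 0, shift = 0, b;
  do { b = buf[pos++]; value |= (b & 0x7f) << shift; shift += 7; } while (b & 0x80);
  return [value, pos];
}
function compactU16(n) {
  const out = [];
  do { let b = n & 0x7f; n >>= 7; if (n) b |= 0x80; out.push(b); } while (n);
  return out;
}

const SYSTEM_PROGRAM = "11111111111111111111111111111111"; // the all-zero key

function parseTransaction(b64) {
  const buf = Buffer.from(b64, "base64");
  let [sigCount, pos] = readCompactU16(buf, 0);
  pos += 64 * sigCount;                      // an unsigned tx still carries zeroed signature slots
  let version = "legacy";
  if (buf[pos] & 0x80) version = buf[pos++] & 0x7f;   // versioned-message prefix byte
  const numSigners = buf[pos]; pos += 3;     // header: signers, readonly signed, readonly unsigned
  let n; [n, pos] = readCompactU16(buf, pos);
  const accounts = [];
  for (let i = 0; i < n; i++, pos += 32) accounts.push(base58(buf.subarray(pos, pos + 32)));
  const blockhash = base58(buf.subarray(pos, pos + 32)); pos += 32;
  [n, pos] = readCompactU16(buf, pos);
  const instructions = [];
  for (let i = 0; i < n; i++) {
    const programIdIndex = buf[pos++];
    let cnt; [cnt, pos] = readCompactU16(buf, pos);
    const accountIndexes = Array.from(buf.subarray(pos, pos + cnt)); pos += cnt;
    [cnt, pos] = readCompactU16(buf, pos);
    const data = buf.subarray(pos, pos + cnt); pos += cnt;
    // v0 messages may index accounts loaded from address-lookup tables, which an
    // offline parser cannot resolve; such program IDs stay undefined on purpose.
    instructions.push({ programId: accounts[programIdIndex], accountIndexes, data });
  }
  return { version, numSigners, accounts, blockhash, instructions };
}

// Refuse to sign unless we are the sole signer and fee payer, every instruction targets
// an expected program, and no lamports leave for a destination we did not approve.
function checkBeforeSigning(b64, ourKey, allowedPrograms, allowedRecipients = new Set()) {
  const tx = parseTransaction(b64);
  const problems = [];
  if (tx.accounts[0] !== ourKey) problems.push(`fee payer ${tx.accounts[0]} is not our key`);
  if (tx.numSigners !== 1) problems.push(`${tx.numSigners} signatures required, expected 1`);
  tx.instructions.forEach((ix, i) => {
    if (ix.programId === undefined) problems.push(`ix ${i}: program comes from a lookup table, cannot verify offline`);
    else if (!allowedPrograms.has(ix.programId)) problems.push(`ix ${i}: unexpected program ${ix.programId}`);
    // System Program Transfer: u32 LE discriminator 2, u64 LE lamports; accounts are [from, to]
    if (ix.programId === SYSTEM_PROGRAM && ix.data.length === 12 && ix.data.readUInt32LE(0) === 2) {
      const to = tx.accounts[ix.accountIndexes[1]];
      if (!allowedRecipients.has(to)) problems.push(`ix ${i}: ${ix.data.readBigUInt64LE(4)} lamports to unapproved account ${to}`);
    }
  });
  return { ok: problems.length === 0, problems };
}

// Constructed samples, not real DFlow responses. Keys are filler bytes and SWAP_PROGRAM
// is a placeholder for whatever program IDs the real quote endpoint is expected to use.
function buildUnsignedTx(keys, readonlyUnsigned, ixs, v0 = false) {
  const bytes = [...compactU16(1), ...Buffer.alloc(64)];          // one empty signature slot
  if (v0) bytes.push(0x80);                                        // message version 0
  bytes.push(1, 0, readonlyUnsigned, ...compactU16(keys.length));
  for (const k of keys) bytes.push(...k);
  bytes.push(...Buffer.alloc(32, 0xc0), ...compactU16(ixs.length)); // fake recent blockhash
  for (const ix of ixs) bytes.push(ix.program, ...compactU16(ix.accounts.length), ...ix.accounts,
                                   ...compactU16(ix.data.length), ...ix.data);
  if (v0) bytes.push(1, ...Buffer.alloc(32, 0xdd), 1, 0, 1, 1);    // one lookup table: 1 writable, 1 readonly
  return Buffer.from(bytes).toString("base64");
}
const OUR = Buffer.alloc(32, 7), SWAP = Buffer.alloc(32, 0xaa), SYS = Buffer.alloc(32, 0), THIEF = Buffer.alloc(32, 0xbb);
const OUR_KEY = base58(OUR), SWAP_PROGRAM = base58(SWAP);
const transfer = (lamports) => { const d = Buffer.alloc(12); d.writeUInt32LE(2, 0); d.writeBigUInt64LE(BigInt(lamports), 4); return d; };
// What a well-behaved quote endpoint would return: only the expected swap program is invoked.
const CLEAN_TX = buildUnsignedTx([OUR, SWAP], 1, [{ program: 1, accounts: [0], data: [1, 2] }]);
// A tampered response: the same swap, plus a System transfer of 5 SOL to an attacker-chosen account.
const TAMPERED_TX = buildUnsignedTx([OUR, THIEF, SWAP, SYS], 2,
  [{ program: 2, accounts: [0], data: [1, 2] }, { program: 3, accounts: [0, 1], data: transfer(5_000_000_000) }]);
// A v0 response whose program ID is loaded from a lookup table: unverifiable offline, so rejected.
const V0_TX = buildUnsignedTx([OUR, SWAP], 1, [{ program: 3, accounts: [0], data: [1, 2] }], true);

const ALLOWED = new Set([SWAP_PROGRAM, SYSTEM_PROGRAM]);
for (const tx of [CLEAN_TX, TAMPERED_TX, V0_TX]) console.log(checkBeforeSigning(tx, OUR_KEY, ALLOWED));
```

The allowlist is the point: the endpoint may legitimately return a System Program instruction (fee payment, account creation), so the check looks inside it rather than banning it outright. In a real deployment the parsed instructions should also be compared against the quote the agent actually requested (input and output mints, amounts, slippage), lookup-table accounts resolved through an RPC node, and the transaction run through connection.simulateTransaction before signing; none of that replaces keeping the agent's Keypair in a dedicated, low-balance wallet.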


Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 19, 2026, 05:06 PM
Issues: 2