spectra-pt-yield-trader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's mandatory workflow steps call the external mcp_spectra connector (see skill.spec.yaml and SKILL.md: scan_opportunities/quote_trade/simulate_portfolio via the Spectra MCP server) and the runtime also fetches Seren API data (scripts/agent.py _check_serenbucks_balance and scripts/setup_cron.py interacting with api.serendb.com / seren-cron), so it ingests untrusted third‑party API responses that directly influence quoting, selection, and execution handoff decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly and specifically designed for DeFi trading across multiple blockchains: it uses mcp-spectra connectors (scan_opportunities, quote_trade, simulate_portfolio, get_looping_strategy), ranks and quotes executable PT trades, enforces risk caps, and — crucially — emits structured execution handoff payloads intended for a separate signer/executor (including an explicit Trade Execution Contract and live-handoff workflow). Although it states the MCP server is read-only and it does not sign/broadcast transactions itself, the skill's primary purpose is to prepare and trigger live trade execution (market/chain-specific trade intents) and to manage automated live runs (seren-cron scheduling, pause-on-insufficient-funds). This is a specific crypto/blockchain trading capability rather than a generic tool, so it meets the criteria for Direct Financial Execution authority.