blockfill-agent-execution

Fail

Audited by Snyk on Jun 15, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). These URLs include proxy endpoints with embedded credentials, internal/third‑party proxy hostnames, and a GitHub "official-skills" repo. The repo itself may be benign, but routing signed exchange API traffic through unknown or unverified proxies (user:pass@host forms and sc-vpn.internal hosts) can expose API keys or enable MitM. Treat them as suspicious unless you verify control/trust of the proxy and inspect the repo code.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a crypto trading execution SDK/daemon that places orders on Binance Futures and OKX Swap. It exposes functions to set exchange API credentials, start a local daemon that signs orders, and a bf.place(...) API to submit execution "tickets" (maker/twap strategies) which create, supervise, cancel, and finalize exchange orders and change positions. This is a purpose-built tool to execute market/futures trades (send transactions) on exchanges, so it grants direct financial execution authority.

Issues (2)

  • E005 (CRITICAL): Suspicious download URL detected in skill instructions.
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: CRITICAL
Analyzed: Jun 15, 2026, 09:47 AM
Issues: 2