zerion-uniswap-x402

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires fetching and running remote packages at runtime—specifically installing the Uniswap skill via npx (Uniswap/uniswap-ai) which supplies the /pay-with-any-token logic that controls agent behavior, and running the Foundry installer via curl -L https://foundry.paradigm.xyz | bash which executes remote code—so these external sources directly control prompts or execute code and are required dependencies.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to move crypto funds and submit payments. It invokes Uniswap's /pay-with-any-token (performs token swaps, routing, and EIP-3009 signing/payment submission) and Zerion CLI bridge/positions/portfolio commands (bridging tokens and managing wallet balances). The documentation instructs importing an EVM key or exporting PRIVATE_KEY and aligning signing wallets, which enables signing and sending on‑chain transactions. These are direct crypto/blockchain execution capabilities (wallets, swaps, signing, bridging), so it grants direct financial execution authority.