greenhelix-agent-workforce-orchestration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The required runtime workflow uses GreenHelix marketplace discovery tools (search_services, search_agents_by_metrics, best_match) to ingest third-party worker/service listings and reputation/metadata into the orchestrator’s decision context, which is outsider-authored free text/fields from an unvetted public marketplace.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly implements programmatic payment and wallet operations: it registers agent wallets, creates master and worker wallets, calls create_escrow, release_escrow, transfer (direct wallet-to-wallet transfers), create_invoice, get_balance, and record_transaction. It describes an orchestrator that "holds escrow, receives invoices, disburses payments" and includes end-to-end payment flows (creating escrows, releasing partial/full payments, resolving disputes with fund releases/refunds, and tax/1099 reporting). These are specific financial execution functions (payment gateway/wallet/escrow operations), not generic tooling, so the skill grants direct financial execution authority.