mining-with-bigcoin

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md task map and examples explicitly instruct the agent to call public on-chain contract endpoints (e.g., agw contract write calls to 0x89eb96a... for pendingRewards, ownerToFacility, playerBigcoinPerBlock, getBigcoinPerBlock, and references/game-contracts.md documents functions like minerName), meaning the agent ingests open, user-controllable blockchain data and uses it to decide actions like claiming or purchasing.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform on-chain financial actions: it includes contract addresses and ABIs and shows concrete transaction commands to purchase facilities (payable with ETH), approve and spend $BIG tokens, buy miners (spending $BIG), claim rewards, and batch transactions (agw tx calls with ERC-20 approve data). These are direct crypto/blockchain transaction operations (wallet signing/sending, token approvals, payable contract calls) — i.e., direct financial execution capability. It even references routing trading/swapping to a Uniswap skill, reinforcing explicit token-trading functionality.