basket-create

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs fetching and parsing live Polymarket data from the public API (e.g., curl calls to https://gamma-api.polymarket.com/markets) and uses user-visible fields like market questions/slugs and prices to choose basket items and weights, meaning untrusted third-party, user-generated content is read and can materially affect subsequent on-chain actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform on-chain financial actions via a blockchain wallet CLI. It requires configuring vara-wallet to mainnet, checks wallet balance (VARA for gas), and contains direct vara-wallet commands that call the BasketMarket/CreateBasket contract method (i.e., sending a transaction). This is a specific crypto/blockchain wallet signing and transaction flow (not a generic tool), so it grants direct financial execution capability.