authenticate-wallet

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill directs the user to run "npx agnic@latest auth login", which fetches and executes remote code from the npm registry at runtime (via the npx/npm URL for the agnic package), so the skill relies on and executes external code fetched during runtime.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). This skill is explicitly for authenticating an AgnicPay crypto/payment wallet via OAuth. It exposes wallet addresses, session tokens, and lets the user approve spending limits for the CLI session—i.e., it's a specific wallet integration (crypto/wallet authentication) that grants an agent authenticated access to a payment-capable account. Under the rules (Crypto/Blockchain: Wallets/Signing), this is a specific financial tool, not a generic capability, and therefore represents direct financial execution authority.