wallet-setup
Warn
Audited by Snyk on May 8, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md shows the agent connecting to arbitrary remote URLs (e.g., createNodeWallet/createRemoteWallet with activeRemote/backups, setActiveStorage('https://other.com'), addRemote('https://mirror.example.com')) and syncing/reading remote storage, which clearly ingests untrusted third‑party content that can alter wallet state and subsequent actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a cryptocurrency wallet library (1Sat) for creating and managing wallets: it accepts private keys, derives keys/paths, exposes balance(), and references createAction/signAction and transaction broadcast/proven callbacks. It documents transaction lifecycle (broadcasting, monitoring, insufficient-funds errors), remote storage of wallets, and hardware key protection for private keys. These are specific blockchain/crypto wallet operations (key management, signing, broadcasting transactions), which constitute direct financial execution capability.
Issues (2)
- W011 MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
- W009 MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).