berry-juicer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires the agent to generate and embed wallet signatures (and in examples API keys) verbatim into HTTP headers/commands (x-berry-sig, x-berry-*, X-API-Key), which are single-use live credentials and thus constitute direct handling/exfiltration of secrets.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly provides crypto/financial execution capabilities. It details signing and submission flows that move real funds: (1) authorized inference calls that spend harvested USDC from a creator's inference wallet (requires wallet personal_sign and specific x-berry headers), (2) deposit and withdraw on-chain transactions that move ERC‑20 token inventory and interact with a verified factory/vault (with raw calldata construction, chainId/contract address checks, simulation, and broadcast instructions). It also includes concrete wallet signing recipes (Bankr REST, Privy, generic EOA) and requirements for nonces, timestamps, and signature use. These are specific blockchain payment/transfer operations (wallet signing, on‑chain submits, and spending USDC), not generic tooling, so this grants Direct Financial Execution Authority.