celo-rpc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill directly queries public Celo RPC endpoints (e.g., https://forno.celo.org and third‑party providers listed in references/rpc-providers.md such as Alchemy, Infura, Ankr, QuickNode), ingesting public blockchain data (transactions, logs, contract storage) that the agent reads and could influence subsequent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed for interacting with the Celo blockchain (crypto). It documents use of viem and cast (blockchain client tools) and lists standard EVM RPC methods including eth_sendRawTransaction ("Sends a signed transaction"). Those are specific blockchain transaction APIs that enable submitting transactions that move funds/assets (and viem/cast can be used to sign/send transactions). This is a direct financial execution capability, not a generic tool.