evm-rpc

Audited by Snyk on Apr 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly sends JSON-RPC requests via the EVM RPC canister to public RPC providers (see "RPC Providers" in SKILL.md listing Alchemy/Ankr/BlockPi/Cloudflare/LlamaNodes/PublicNode) and the canister code (src/lib.rs) reads and acts on those provider responses (e.g., get_latest_block, get_eth_balance), so untrusted third-party responses are ingested and can influence runtime decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed for interacting with Ethereum and other EVM chains. It provides typed RPC calls for reading balances, ERC-20 reads, transaction receipts, and crucially includes an API to "send_raw_transaction" / "eth_sendRawTransaction" and guidance about signing transactions. These are direct crypto/blockchain transaction operations (sending transactions on-chain), which meet the "Crypto/Blockchain (Wallets, Swaps, Signing)" criterion for Direct Financial Execution.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 16, 2026, 11:40 AM
Issues: 2