cardexscan-p2p

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's scripts (scripts/offers.js and scripts/my-offers.js) call getOffers/getMyOffers from scripts/cardexscan-client.js to fetch live offers from the public CardexScan OTC marketplace — user-generated, untrusted marketplace content that the agent is expected to read and act on (create/fill/cancel), so it could enable indirect prompt injection.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed for cryptocurrency trading on Cardano: it provides scripts to create offers, fill offers, and cancel offers with wallet addresses, amounts, and policy IDs. These are direct blockchain financial actions (creating and executing token trades), not generic tooling. Therefore it grants direct financial execution capability.