injective-evm-developer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly directs the agent to consult and ingest public Injective documentation and raw GitHub sources (e.g., https://docs.injective.network/developers-evm/ and https://raw.githubusercontent.com/InjectiveLabs/solidity-contracts/...), so the agent is expected to fetch and interpret open third-party web content which could materially influence actions (ABIs, deployment steps, precompile behavior).

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly targets blockchain financial operations on Injective: it documents interacting with the bank precompile (token minting/transfer behaviors and BankERC20 implementations), the exchange precompile (trading-related precompile), faucets to obtain INJ, instructions for client.writeContract and transaction creation, and explicit EIP-712 signing guidance for submitting transactions. These are specific crypto/blockchain transaction tools (signing and sending on-chain transactions, minting/transferring tokens, and using an exchange precompile) — i.e., explicit capabilities to move crypto funds. Therefore it meets the "Direct Financial Execution" criteria.