starknet-js

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md Provider Setup and examples (e.g., RpcProvider.create with nodeUrl like 'https://rpc.starknet.lava.build') and scripts/account-example.ts (which uses STARKNET_RPC_URL) explicitly instruct the agent to fetch blockchain state, receipts, fee estimates, and paymaster data from external RPC/paymaster endpoints — untrusted third‑party HTTP sources whose responses are parsed and used to decide/execute transactions and fees.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is an SDK for Starknet with explicit, native capabilities to manage accounts, sign transactions, and execute on-chain operations. It documents account creation and signing, wallet integration (ArgentX/Braavos), account.execute / account.executePaymasterTransaction, ERC‑20 transfer/approve patterns, fee estimation, transaction submission and receipt handling, paymaster (sponsored/alternative token) flows, and other primitives for moving on‑chain tokens. These are specific crypto/blockchain transaction APIs intended to move value (send transactions, transfer tokens, manage gas/paymasters), so it provides direct financial execution authority.