viral-game
Warn
Audited by Snyk on May 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests untrusted public content (see tweet-pipeline.md Form B which uses the fetch-tweet skill / WebFetch to retrieve tweet text) and also web-searches/downloads images and 3rd‑party model data (step 1.5, asset generation with Meshy/World Labs and Sketchfab), and that external content is read and used to drive creative abstraction, celebrity detection, asset generation, and branching decisions in the pipeline, so third‑party content can materially influence tool use and next actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). This skill explicitly integrates a monetization platform (Play.fun) with concrete API calls and SDK methods: it instructs authenticating via bundled playfun-auth.js, registering the game via POST https://api.play.fun/games, retrieving and embedding the user's Play.fun public API key, and adding the Play.fun Browser SDK (with SDK methods addPoints and savePoints). It also mentions "wallet connect" and token/points rewards (and suggests launching a "playcoin"), which implicates crypto wallet interactions. These are specific, non-generic financial/monetization APIs and wallet integration steps (i.e., not just a generic HTTP or browser tool), so the skill provides direct financial execution/monetization capability.
Issues (2)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W009
MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata