mpp-client-fetch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to fetch live third‑party docs (e.g., https://www.npmjs.com/package/mppx, https://mpp.dev/overview, and GitHub search results) and to read web-search results, which are public/untrusted sources that the agent is expected to interpret and could materially change its implementation or behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly implements client-side payment execution. mppx.fetch transparently handles the full HTTP 402 payment flow and “automatically pays using the configured wallet/payment method.” The examples show direct use of crypto wallets (privateKey for Tempo) and Stripe SPTs, multi-method payment configuration, and a CLI that triggers payments. This is a specific tool to send payments/sign transactions (crypto wallets) and use payment gateways (Stripe), i.e., direct financial execution.