radius-dev
Warn
Audited by Snyk on Mar 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs fetching live documentation into the agent ("fetch when needed") and names https://docs.radiustech.xyz/llms-full.txt as a live corpus intended for LLM context ingestion at runtime, which could directly control prompts/instructions if included, so this URL is a high-confidence runtime dependency that affects agent prompts.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly for a stablecoin-native EVM (Radius) and includes wallet connection, transaction signing, smart-contract deployment, ERC‑20 operations, micropayment/streaming payments, and instructions using viem's createWalletClient and wagmi's useSendTransaction. It describes on-chain transfers, fee conversions (SBC → RUSD via Turnstile), and other crypto transaction flows—i.e., clear crypto/blockchain financial execution capabilities, not a generic tool.
Issues (2)
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
- W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata