deploy-to-mainnet

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to read public on-chain/RPC data (e.g., configuring external RPC endpoints like Helius in references/rpc-provider-guide.md and running solana program show / solana logs in the SKILL.md Quick Start and Workflow to "verify the deployment on-chain"), which are public/user-controllable sources the agent consumes and that can materially affect deployment decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform blockchain mainnet deployment tasks that involve on-chain transactions and wallet management. It references specific crypto tooling/commands (e.g., "anchor deploy --provider.cluster mainnet-beta", "solana balance", "solana config set --url ..."), requires funding ("Need ~5 SOL"), directs use of production RPC providers, and discusses wallet strategy and upgrade-authority transfer (multisig). These are concrete crypto/blockchain operations (wallets, signing, sending transactions) rather than generic tooling, so it grants direct financial execution capability.