@1247/across-bridge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill directly queries the public Across API endpoints (https://app.across.to/api/suggested-fees and https://app.across.to/api/deposit/status) and parses fields like spokePoolAddress, outputAmount, exclusiveRelayer, and deadlines which are then used to construct calldata and transaction parameters, so untrusted third-party responses can materially alter agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to move crypto funds. It provides tooling and instructions to build bridge transactions, create encoded deposit calldata, perform ERC‑20 approvals, and then call a wallet_transfer (including to, amount, chain_id, data) to broadcast the transaction. This is a specific crypto/blockchain execution flow (wallet signing/sending and token bridging), not a generic API or browser automation — therefore it grants direct financial execution capability.