subsystem-summary-of-main

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly describes fetching and applying data from external history archives and P2P peers (see Config's HISTORY map, HistoryArchiveManager/HistoryManager and catchup()/publish() flows) and handling overlay network messages via OverlayManager, which are untrusted third-party sources whose content is consumed and can change runtime decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly about a Stellar blockchain node (stellar-core) and includes built-in crypto/transaction capabilities: it documents transaction signing utilities (dumpxdr: "transaction signing utilities", signtxn/signtxns), CLI commands like "sign-transaction", and helpers to construct Soroban upgrade/upload/invoke transactions (SettingsUpgradeUtils: getUploadTx, getInvokeTx, etc.). The CommandHandler also exposes a "tx" HTTP route for transaction handling. These are specific crypto/blockchain operations (signing and constructing/submitting transactions), which match the "Crypto/Blockchain (Wallets, Swaps, Signing)" category in the core rule.