standards
Warn
Audited by Snyk on May 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's "Practical workflow for AI agents" (Step 3: "Check status/acceptance in the source repo before asserting support") and the maintenance note explicitly direct the agent to consult public GitHub repos and external docs (e.g., links to github.com/stellar/stellar-protocol and other public websites), which are untrusted third-party sources the agent would need to read and could materially change its recommendations.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). This skill is explicitly a Stellar standards and ecosystem reference focused on payments, anchors, wallets, on/off ramps, DEXs/AMMs, and disbursement tooling. It references specific, money-moving APIs and platforms (e.g., SEP-0006 programmatic deposit/withdrawal API, SEP-0024 hosted anchor flows, SEP-0031 cross-border payment flow, Stellar Disbursement Platform for mass payments, DEXs/AMMs like Soroswap, wallet APIs like Freighter/Albedo, Smart Account Kit and OpenZeppelin Relayer for transaction submission). These are specific crypto/financial integration standards and services (not generic automation or HTTP callers) whose primary purpose is moving or managing funds on Stellar, so the skill grants direct financial execution capability.
Issues (2)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W009
MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata