neta-creative
Warn
Audited by Snyk on May 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests external, user-provided media via the upload command (which accepts http:// and https:// URLs, per references/media-upload.md) and reads collection payloads via read_collection (references/collection-remix.md). Those remote and user-generated assets are used directly as reference inputs that shape generation prompts and subsequent tool calls, so text or metadata embedded in them is in a position to steer the agent (indirect prompt injection).
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Unverifiable runtime dependency detected (high risk: 0.80). The skill repeatedly uses the runtime command "npx -y @talesofai/neta-skills@latest", which downloads and executes an npm package at invocation time: "-y" suppresses the install confirmation and "@latest" resolves to whatever version the registry serves at that moment, so the code that implements the CLI driving prompts and generation is neither pinned nor integrity-checked by the skill. This is a required external dependency that executes remotely fetched code on every run.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill includes explicit payment-related commands: create_premium_order and pay_premium_order --channel "stripe-checkout", and references "Premium (plans, orders, Stripe)" and checkout verification flows. This is a specific payment-gateway integration (Stripe Checkout) and therefore provides direct financial execution capability rather than a generic tool.
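A static triage pass that surfaces the three patterns behind W011, W012 and W009 in a skill's reference documents, as an added example: this is not Snyk's analyser and not part of the neta-creative skill. The sample documents are constructed to resemble the commands the audit quotes (file names, the example.invalid host and the "--plan" / "--id" flags are assumptions, not copied from the skill), and the rule ids are reused only so the output lines up with the findings above.

```python
"""Static triage of agent-skill reference docs for unpinned runtime package
execution (W012), external content ingestion (W011) and payment actions (W009).
Added example, not the audit tool's code; sample input is constructed."""
import re
from dataclasses import dataclass

# Constructed stand-in for the skill's references/*.md files. The file names,
# the example.invalid host and the --plan/--id flags are assumptions.
SAMPLE_DOCS = {
    "references/media-upload.md": (
        "Upload a reference image:\n"
        "npx -y @talesofai/neta-skills@latest upload --url https://example.invalid/ref.png\n"
    ),
    "references/collection-remix.md": (
        "npx -y @talesofai/neta-skills@latest read_collection --id <collection>\n"
    ),
    "references/premium.md": (
        "npx -y @talesofai/neta-skills@latest create_premium_order --plan pro\n"
        "npx -y @talesofai/neta-skills@latest pay_premium_order --channel \"stripe-checkout\"\n"
    ),
}


@dataclass(frozen=True)
class Finding:
    rule: str
    path: str
    line_no: int
    detail: str


# An npx invocation whose package spec carries no version or a floating
# dist-tag (@latest, @next, ...). Only an exact x.y.z version counts as pinned.
NPX_RE = re.compile(
    r"\bnpx\s+(?:-y\s+|--yes\s+)?(?P<pkg>@?[\w./-]+?)(?:@(?P<ver>[\w.-]+))?(?=\s|$)"
)
EXACT_VER_RE = re.compile(r"^\d+\.\d+\.\d+$")
URL_RE = re.compile(r"https?://[^\s\"'<>]+")
# Tool verbs the audit names as pulling third-party or user-supplied content
# into the generation context.
INGEST_VERBS = ("upload", "read_collection")
# Tool verbs the audit names as creating or settling a charge.
PAYMENT_VERBS = ("create_premium_order", "pay_premium_order")


def scan_line(path, line_no, line):
    """Return the findings for one line of a reference document."""
    out = []
    m = NPX_RE.search(line)
    if m:
        ver = m.group("ver")
        if ver is None or not EXACT_VER_RE.match(ver):
            out.append(Finding("W012", path, line_no,
                               f"unpinned runtime package {m.group('pkg')}@{ver or '<none>'}"))
    tokens = line.split()
    for verb in INGEST_VERBS:
        if verb in tokens:
            urls = URL_RE.findall(line)
            detail = f"{verb} ingests external content"
            if urls:
                detail += f" from {urls[0]}"
            out.append(Finding("W011", path, line_no, detail))
    for verb in PAYMENT_VERBS:
        if verb in tokens:
            out.append(Finding("W009", path, line_no, f"{verb} is a payment action"))
    return out


def scan_docs(docs):
    """Scan a {path: text} mapping and return all findings in document order."""
    findings = []
    for path, text in docs.items():
        for i, line in enumerate(text.splitlines(), 1):
            findings.extend(scan_line(path, i, line))
    return findings


def summarize(findings):
    """Rule id -> count, the shape a merge gate or allow-list review would consume."""
    counts = {}
    for f in findings:
        counts[f.rule] = counts.get(f.rule, 0) + 1
    return counts


if __name__ == "__main__":
    for f in scan_docs(SAMPLE_DOCS):
        print(f"{f.rule} {f.path}:{f.line_no} {f.detail}")
```

The W012 check is the one most worth running before installing any skill: it clears only an exact version, because a dist-tag such as @latest can point at different code on each run, and a pinned version is the precondition for verifying the package's integrity at all. The W011 and W009 checks are deliberately lexical; they tell you where the ingestion and payment verbs appear so that a human can decide whether those commands need a confirmation step in front of them.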
Issues (3)
W011 MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W012 MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
W009 MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata