foundry-solidity

Warn

Audited by Snyk on May 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The SKILL.md and included references (notably references/anvil-advanced.md, references/configuration.md, and deployment.md) explicitly instruct the agent to use public RPC and fork URLs (anvil --fork-url, forge test --fork-url, vm.createSelectFork, and example Alchemy/Infura endpoints). Following them makes the agent fetch and ingest live public blockchain state, which is third-party, user-generated content: anyone can put arbitrary bytes into contract storage, calldata, event data and revert strings that a forked test or simulation then reads. That content can materially influence tests, simulations, and the tool actions the agent takes next.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly for Ethereum/EVM development and includes concrete commands and APIs that sign and broadcast transactions, for example cast send $CONTRACT "transfer(address,uint256)" ... --private-key $KEY, forge create ... --private-key $KEY --broadcast, and deploy scripts that read vm.envUint("PRIVATE_KEY") and wrap calls in vm.startBroadcast/vm.stopBroadcast. These are wallet and transaction operations (signing, sending, deploying, transferring tokens/ETH) and constitute direct financial execution authority: whatever key the agent is handed via --private-key or PRIVATE_KEY can spend that account's full balance with no further confirmation step.
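The two findings above are pattern matches over the skill's Markdown and Solidity. The scanner below is an added example, not Snyk's implementation and not part of the foundry-solidity skill: it reproduces the W009 and W011 checks over the command and API fragments the report quotes (--private-key, cast send, forge create --broadcast, vm.startBroadcast, vm.envUint("PRIVATE_KEY"), --fork-url, vm.createSelectFork, Alchemy/Infura URLs). The pattern lists, the rule-to-code mapping and the sample SKILL.md text are assumptions constructed for the example.

```python
"""Hypothetical scanner for the W009 (money access) and W011 (third-party
content) finding classes. Not Snyk's code; the pattern lists are assumptions
drawn from the fragments quoted in the report above."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    code: str      # "W009" or "W011", as labelled in the report
    line_no: int   # 1-based line in the scanned document
    text: str      # the matched fragment
    reason: str    # why the fragment is flagged


# W009: fragments that load a signing key, sign, or broadcast a transaction.
MONEY_PATTERNS = [
    (r"--private-key\b", "raw signing key passed on the command line"),
    (r"\bcast\s+send\b", "cast send signs and broadcasts a transaction"),
    (r"\bforge\s+create\b.*--broadcast\b", "forge create --broadcast deploys on-chain"),
    (r"\bvm\.startBroadcast\(", "vm.startBroadcast turns script calls into real transactions"),
    (r'vm\.envUint\("PRIVATE_KEY"\)', "signing key read from the environment"),
]

# W011: fragments that pull live, publicly writable chain state into the run.
THIRD_PARTY_PATTERNS = [
    (r"--fork-url\b", "forks live chain state over RPC"),
    (r"\bvm\.createSelectFork\(", "createSelectFork pulls live chain state into a test"),
    (r"https?://[^\s\"']*\b(alchemy|infura)\.(com|io)\b", "public third-party RPC endpoint"),
]

RULES = {"W009": MONEY_PATTERNS, "W011": THIRD_PARTY_PATTERNS}


def scan(text: str) -> list[Finding]:
    """Return one Finding per (line, matching pattern), in document order."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for code, patterns in RULES.items():
            for pattern, reason in patterns:
                m = re.search(pattern, line)
                if m:
                    findings.append(Finding(code, line_no, m.group(0), reason))
    return findings


def report(text: str) -> dict[str, list[Finding]]:
    """Group findings by rule code; every code is present, possibly empty."""
    grouped: dict[str, list[Finding]] = {code: [] for code in RULES}
    for f in scan(text):
        grouped[f.code].append(f)
    return grouped


# Constructed sample mimicking the instructions the report describes; not the
# skill's actual SKILL.md.
SAMPLE_SKILL_MD = """\
# foundry-solidity
Run tests against a fork:
    forge test --fork-url https://eth-mainnet.g.alchemy.com/v2/$ALCHEMY_KEY
Start a local fork:
    anvil --fork-url https://mainnet.infura.io/v3/$INFURA_KEY
Deploy:
    forge create src/Token.sol:Token --private-key $KEY --broadcast
Transfer:
    cast send $CONTRACT "transfer(address,uint256)" $TO 1000 --private-key $KEY
Script:
    uint256 pk = vm.envUint("PRIVATE_KEY");
    vm.startBroadcast(pk);
"""

if __name__ == "__main__":
    for code, hits in report(SAMPLE_SKILL_MD).items():
        print(f"{code}: {len(hits)} hit(s)")
        for f in hits:
            print(f"  line {f.line_no}: {f.text!r}  # {f.reason}")
```

Run over the constructed sample it reports four W011 hits (two fork lines, each flagged for both the --fork-url flag and the public endpoint) and six W009 hits; a document containing only forge build and forge test reports none. The checks are purely lexical, which is why the report speaks of "capability": a hit means the skill can instruct the agent to sign or to read live chain state, not that it has done so.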

Issues (2)

W011  MEDIUM  Third-party content exposure detected (indirect prompt injection risk).
W009  MEDIUM  Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: MEDIUM
Analyzed: May 11, 2026, 07:20 AM
Issues: 2