smart-contract-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow includes reading public on-chain and contract data (e.g., ThorClient.at('https://testnet.vechain.org') and thorClient.contracts.load / contract.read and ERC‑721 tokenURI usage shown in references/smart-contracts.md), which are untrusted, user-controlled third-party sources that the agent is expected to interpret and that can materially influence actions like transaction building.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly targeted at blockchain smart-contract development on VeChainThor and names concrete tooling for on-chain interaction and transaction construction: e.g., @vechain/mcp-server for "on-chain data, transaction building, and live network queries", @vechain/sdk-hardhat-plugin, and explicit mentions of VET/VTHO and "signing, fee, or token-transfer implications". These are specific crypto/blockchain integrations that enable building and submitting transactions (including signing and token transfers), which constitute direct financial execution capability under the policy.