vechain-kit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's runtime hooks explicitly fetch and resolve arbitrary, user-owned content from public sources — e.g., references/kit-hooks.md shows useNFTImage/useNFTMetadataUri and useIpfsImage (IPFS/NFT metadata) and VET domain text records/useGetAvatar (resolver-hosted key-value records and image URLs) which are untrusted, user-generated data the agent is expected to read and display/use in the app.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for VeChain blockchain integration: it documents wallet connection, smart accounts, transaction-building and sending, hooks named useSendTransaction/useBuildTransaction/useSignMessage, useThor for Thor client access, and references on-chain transaction building, signing, and fee delegation. These are specific crypto/blockchain execution capabilities (wallets, signing, sending transactions), so it grants direct financial execution authority for crypto operations.