deploying-contracts-on-abstract

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill includes a runtime installation command that runs remote code: "curl -L https://raw.githubusercontent.com/matter-labs/foundry-zksync/main/install-foundry-zksync | bash", which fetches and immediately executes a script and is presented as a required setup step for Foundry/zksync.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly about deploying smart contracts on a live blockchain (Abstract), including commands that import wallets and sign/send transactions (e.g., cast wallet import, forge create ... --account myKeystore --rpc-url ... --chain ... --zksync). It also instructs funding the deployer (faucets/bridge) and interacting with mainnet RPCs and block-explorer APIs. These are concrete crypto/blockchain actions (wallet management, signing and submitting transactions) — i.e., direct financial execution capability.