authenticate-wallet

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill invokes "npx agnic@latest" which fetches and executes remote npm package code at runtime (from the npm registry, e.g. https://registry.npmjs.org/agnic), so it relies on external code that is executed locally.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for authenticating an AgnicPay wallet via a browser-based OAuth flow. It references a walletAddress, tokenExpiry, and notes the user can "set spending limits" during login. This is a specific crypto/payment wallet integration (not a generic browser tool or generic API caller) that would provide tokens/credentials enabling financial transactions. Therefore it grants direct financial execution capability.