config

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs embedding full RPC URLs (and shows an example with an API key placeholder) directly into CLI commands like config set-rpc, which requires the LLM to output the secret-containing URL verbatim if provided.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly lets users set arbitrary RPC endpoints with config set-rpc <url> and uses tx-status to query those HTTP(S) RPC endpoints to read blockchain responses that influence transaction verification and subsequent actions, thus ingesting untrusted third-party content from arbitrary URLs.