bridge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill directly fetches and parses data from the public WormholeScan APIs in index.ts (the fetch calls in the "status" and "routes" handlers), and that untrusted third-party JSON is interpreted and used to drive status/route outputs which can materially influence follow-up actions like redeeming or initiating transfers.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly implements cross-chain token transfer functionality (Wormhole and Circle CCTP). It includes concrete "send" and "redeem" commands and APIs that perform financial actions: e.g., "/bridge send 100 USDC sol to eth", executeWormholeBridge/executeCCTPBridge functions, and redeemCCTP/executeWormholeRedeem. The TypeScript API requires source/destination private keys and returns transaction hashes/VAA/message hashes, and the flow describes locking, burning, attestation, and minting of USDC. These are specific primitives to move value and manage token transfers (not generic helpers), so this skill grants direct financial execution capability.