solend

Warn

Audited by Snyk on Feb 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly loads public on-chain and token-list data (calls to tokenlist.resolveTokenMints, tokenlist.getTokenList, and solend.getSolendReserves / getSolendObligation via a Solana RPC connection configured by SOLANA_RPC_URL) — these are open, third-party sources whose content is untrusted/user-controlled and is parsed/used to decide transactions and outputs.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a DeFi wallet/protocol integrator for Solend on Solana. Its commands include deposit, withdraw, borrow, and repay — i.e., actions that move or manage on-chain funds. The configuration requires a SOLANA_PRIVATE_KEY and RPC endpoint, implying transaction signing and submission. This is a specific crypto/blockchain financial execution capability (wallet signing and on-chain transactions), not a generic tool.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 20, 2026, 08:53 PM