breeze-x402-payment-api

Warn

Audited by Snyk on Feb 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md and code explicitly fetch and parse responses from public third‑party endpoints (e.g., https://x402.breeze.baby and https://api.mainnet-beta.solana.com), ingesting unsigned transactions and balance data which the agent is expected to interpret and then sign/send—meaning untrusted external content can directly influence tool actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform on-chain financial operations: it exposes x402 payment-gated endpoints for balance checks, POST /deposit and POST /withdraw that build unsigned Solana transactions, requires a WALLET_PRIVATE_KEY, and includes code to sign and broadcast transactions to the Solana network (sendRawTransaction/confirmTransaction). It also handles USDC micropayments and wallet/payment handler setup. This is a specific financial execution tool (creating, signing, and sending payments/withdrawals), not a generic interface.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 21, 2026, 04:09 AM