discover-artblocks-projects

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documented tools (notably get_project and get_wallet_tokens/get_wallet_summary in SKILL.md) fetch full, untruncated project descriptions, artist profiles, tags, and public collector data from the Art Blocks site (artblocks.io), which is user-generated public content that the agent is expected to read and can influence follow-up actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly references blockchain-specific operations: it uses chain IDs (Ethereum, Arbitrum, Base), accepts wallet addresses/ENS, returns wallet token and portfolio data, and—crucially—references build_purchase_transaction and get_project_minter_config (tools to build a purchase/mint transaction). Those are domain-specific crypto transaction capabilities (wallet/transaction construction) rather than generic browsing, so this grants direct financial execution authority for crypto operations.