mint-artblocks-token

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md requires calling discover_projects, get_project_minter_config, and check_allowlist_eligibility (which resolves public Art Blocks usernames/profiles and related project/allowlist data), so the agent ingests public, user-generated Art Blocks content that directly affects eligibility checks and transaction-building.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform cryptocurrency purchase/mint operations. It exposes mint/purchase workflows, wallet addresses and ENS resolution, chain IDs, currency (ETH/ERC-20), eligibility checks tied to wallets, and a build_purchase_transaction function that constructs on-chain purchase transactions (with instructions about signing and gifting via purchaseTo). These are direct crypto/blockchain financial execution capabilities (wallets, transaction building/signing), so it meets the "Direct Financial Execution" criteria.