hive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill clearly ingests public, user-generated Hive/PeakD content (e.g., "hive content https://peakd.com/@author/permlink" and "hive feed " in SKILL.md) and exposes workflows that act on that content (e.g., "hive vote --url ...", reply, transfer, custom-json), so untrusted third-party posts could influence subsequent tool actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a Hive blockchain CLI designed to broadcast on-chain operations and manage keys. It includes direct crypto transaction capabilities (e.g., "hive transfer --to --amount '1.000 HIVE'", "delegate '100 HP'", "claim", raw broadcast/custom-json" and notes that active keys are required for transfers). It instructs configuring private keys and warns that transfers are irreversible. This is a specific blockchain wallet/transaction tool (not a generic API caller or browser automation), so it grants direct financial execution authority.