hive-developer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls public Hive RPC/REST endpoints (see api-reference.md and streaming-and-realtime.md: callRPC/callREST/callWithQuorum against nodes like https://api.hive.blog and uses methods such as condenser_api.get_content and get_ops_in_block) to read user-generated blockchain posts/operations and those reads are used in workflow logic (waitForContent, quorum preflight checks, polling/ops processing), so untrusted third-party content can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for Hive blockchain transaction construction, signing, and broadcasting (wallet and transfer flows). It references transaction builders (tx.addOperation), key-safe signing with correct key types (active for financial ops), tx.broadcast(waitForInclusion), and handling tx_id/status. Those are concrete crypto/blockchain wallet and signing capabilities intended to move on-chain assets, not generic tooling. Therefore it grants direct financial execution authority.