create-bap-identity

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md describes workflows that parse and act on public on-chain and wallet "bap" basket data (e.g., publishIdentity, getProfile, attest which parse BAP ALIAS/ID outputs from the public BRC-100/Bitcoin data and wallet baskets), so it ingests untrusted, user-generated third‑party content that can influence subsequent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly integrates with Bitcoin wallet APIs and transaction-signing/publishing flows. It uses @bsv/sdk and BRC-100 wallet actions (e.g., PrivateKeySigner, AIP.sign(), publishIdentity.execute, attest.execute, updateProfile.execute) that build, sign, and broadcast on-chain transactions (results include txid and rawtx) and describe wallet-funded outputs. These are concrete crypto/blockchain wallet operations (signing and sending transactions), which constitute direct financial execution capability.