wallet-brc100

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md explicitly instructs the agent to "use the browser-agent to fetch current documentation from bsv.brc.dev", which is an open public third-party website whose content the agent would read and could materially influence implementation decisions and subsequent tool use.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a BRC-100 wallet implementation guide that provides concrete, actionable APIs and code to create, sign, and broadcast cryptocurrency transactions (BSV). It documents classes and functions that manage private keys, UTXOs, createAction/signAction/completeSignedAction, produce/send transactions (txid, noSend/BEEF relay, broadcasting), listOutputs (with input BEEF proofs), sweep/import via WIF, and other wallet operations. These are specific crypto/blockchain financial execution capabilities (wallets, transaction sending, signing, UTXO management), not generic tooling.