bankr
Warn
Audited by Snyk on Feb 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill performs social sentiment analysis and resolves social handles (Twitter, Farcaster, Telegram) and interacts with public NFT/market platforms like OpenSea and Polymarket, so it ingests and analyzes untrusted, user-generated third-party content.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a crypto trading and wallet agent with APIs and scripts to execute financial actions. It requires an API key, provisions wallets, and exposes concrete operations: token swaps (buy/sell/swap), cross-chain bridges, limit/stop-loss orders, DCA/TWAP automation, transfers to addresses/ENS/social handles, NFT purchases/transfers/mints, leverage trading, Polymarket bets, and token deployment. Example prompts and scripts include "Buy $50 of ETH", "Send 0.1 ETH to vitalik.eth", submitting jobs via bankr.sh, and managing API keys. These are specific, purpose-built financial execution capabilities (crypto wallets, transactions, trading, and betting), not generic tools—so it grants direct financial execution authority.