alchemy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests external, user-generated blockchain metadata (e.g., tokenUri-resolved NFT metadata and images returned by getNFTsForOwner / getNFTMetadata in references/data-nft-api.md and portfolio endpoints via the x402/mpp gateway), which the agent is expected to read/interpret as part of its workflows and could materially influence simulations, portfolio decisions, or subsequent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly exposes blockchain wallet and payment functionality: JSON-RPC EVM "read/write" endpoints, wallet bootstrap/import/create flows, SIWE/SIWS authentication, x402 pay-per-request using USDC, and MPP which supports Tempo (on-chain USDC) and Stripe. It documents payment creation, payment headers, and wallet-based authentication (implying signing and transaction submission). These are specific crypto/payment integrations (wallets, signing, on-chain payments and Stripe via MPP), so it provides direct financial execution capability.