bio-launchpad

Warn

Audited by Snyk on Mar 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly calls the third-party API at https://app.bio.xyz (GET /api/agent-api/launches and GET /api/agent-api/launches/{launchId}/claim) and directly uses returned contract addresses, amounts, and merkle proofs to build and send on-chain transactions, so untrusted API responses can materially change agent behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform on-chain financial operations for Bio Protocol launches on the Base blockchain. It includes wallet private-key usage and signing, builds and sends raw transactions, and contains explicit functions to approve token allowances, send participation transactions (contribute funds), claim tokens (receive allocations/refunds), and withdraw refunds. These are direct crypto/blockchain financial actions (wallet signing + sending transactions), not generic tooling. Therefore it grants Direct Financial Execution authority.

Issues (2)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 16, 2026, 07:43 AM
Issues: 2