bloque-sdk-ts

Warn

Audited by Snyk on Feb 24, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests untrusted third-party data — webhook payloads (references/webhooks.md) and MCC whitelists that can be provided as URLs returning JSON (references/cards-and-spending-controls.md) — and instructs the agent/app to read and act on that data (route events, update DB, notify users, and apply routing rules), which could allow indirect instruction injection.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a TypeScript SDK for programmable financial infrastructure and exposes concrete money-moving APIs and primitives. It documents and instructs on creating accounts/pockets/cards, shared ledgerIds (shared balances), and direct transfer operations such as accounts.transfer and accounts.batchTransfer, swap/top-up flows including swap.bankTransfer.create, and card controls that change spending limits and freeze/disable cards. These are specific, purpose-built financial operations (sending transfers, creating bank transfer top-ups, configuring spend limits and routing), not generic tools. Therefore it grants direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 24, 2026, 05:08 AM