bluepages

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill directly calls the public Bluepages API (bluepages.fyi) — via the MCP server or direct HTTP endpoints — to fetch Twitter/Farcaster identity mappings and related profile data from the open web, which is untrusted, user-generated content that the agent is expected to read and interpret.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly supports crypto payments: it accepts a PRIVATE_KEY (an Ethereum private key) for x402 pay-per-request, includes a purchase_credits tool (buy credits with USDC on Base), and documents API flows that return a 402 which must be signed/resubmitted with an X-PAYMENT header. Those are specific blockchain/payment integrations and permit signing/sending on-chain payments, which is direct financial execution capability.