controller-presets

Warn

Audited by Snyk on Mar 4, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The skill explicitly states the Controller will fetch the preset at runtime from https://static.cartridge.gg/presets//config.json, and that fetched config.json directly controls runtime policies/behavior, so this external URL is a required runtime dependency that can alter the agent's behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly about configuring blockchain transaction policies and sponsorship: it defines chain IDs (SN_MAIN / SN_SEPOLIA), contract addresses and entrypoints, "isPaymastered" flags, paymaster predicates, EIP-712 message signing policies, and references a Slot paymaster that must be funded with credits to sponsor mainnet transactions. These are specific crypto/blockchain controls for sponsoring and authorizing on-chain transactions (i.e., moving value/gas sponsorship), not generic tooling. Therefore it grants direct financial execution capability.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 4, 2026, 04:05 PM