nano-block-lattice-expert
Warn
Audited by Snyk on May 3, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly directs the agent to consult public third-party sites (e.g., the BlockLattice explorer at https://blocklattice.io and community pages like nanoticker.org / nanobrowse.com, as well as relying on https://docs.nano.org/) and to use information from those pages (account/block views, representative lists, node monitors) to drive actions and decisions, exposing the agent to untrusted open-web content that could influence tool use.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly designed to operate the Nano (XNO) cryptocurrency: it includes wallet lifecycle operations (create/import/delete via OWS), signing, and explicit transaction verbs and tooling for moving funds (e.g., instructions to use MCP/CLI tools like send and receive, xno-skills rpc account-balance, and a mandate to "proactively settle all pending funds by publishing a receive block"). It references keys/seeds, block construction, signatures, PoW, broadcasting, and delegates signing to OWS. These are concrete crypto wallet and transaction capabilities (wallet management, signing, broadcasting transactions), which qualify as Direct Financial Execution under the Crypto/Blockchain criteria.
Issues (2)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
W009
MEDIUM Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata