evm-hardhat

Warn

Audited by Snyk on Feb 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly configures and uses public RPC endpoints (e.g., https://forno.celo.org) and block explorer APIs/browser URLs (e.g., https://api.celoscan.io/api, https://celoscan.io) for deployment and programmatic verification, so the agent will fetch and interpret third-party public site/API responses that can affect deployment/verification decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly for EVM blockchain development and deployment (Hardhat + Celo). It instructs use of a PRIVATE_KEY environment variable, configures network accounts with that private key, shows deployment scripts that call ethers provider and deploy contracts to Celo Mainnet/Sepolia, and includes commands to run deployments on mainnet. Those behaviors require signing and sending on-chain transactions (wallet/private-key usage) — i.e., direct crypto/blockchain execution capability. This matches the "Crypto/Blockchain (Wallets, Swaps, Signing)" criterion, so it is a direct financial execution tool, not a generic capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 01:34 PM