cmc-x402

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md explicitly instructs the agent to fetch live data from CoinMarketCap's public x402 endpoints (e.g., https://pro.coinmarketcap.com/x402/... and https://mcp.coinmarketcap.com/x402/mcp), meaning the agent ingests external third‑party content that can materially influence its decisions or tool use.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly implements on-chain payments: it describes the x402 pay-per-request protocol that "enables automatic stablecoin payments over HTTP" and charges $0.01 USDC per request on Base. The docs require a Base wallet/private key, USDC on Base, and ETH for gas, and the Quick Start shows creating an EVM signer and an x402 client that "handles payment signing automatically." This is a specific crypto payment integration (wallet signing and USDC transfers), not a generic HTTP or scraping tool—so it grants direct financial execution capability.