cyber-security-consultant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow instructs using the ACP CLI (acp browse "Cybercentry" and acp job create ...) to submit queries and ingest the provider's responses, meaning the agent will fetch and act on untrusted third-party content returned by an external provider (Cybercentry) as part of its runtime workflow.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The workflow explicitly instructs the user to locate a "provider wallet" via the ACP CLI and to call acp job create <wallet> ... using that wallet identifier. That is a specific crypto/blockchain wallet interaction (wallet parameter in a CLI that likely triggers on-chain or payment-related job creation), which meets the "Crypto/Blockchain (Wallets, ...)" criterion for Direct Financial Execution. Although the skill's purpose is security consulting, the presence of explicit wallet-centric commands constitutes a specific financial execution capability rather than a generic tool.