tig-innovator
Warn
Audited by Snyk on Mar 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly downloads and analyzes algorithms from the public TIG network (see "Download existing TIG algorithms" and the tig-innovator list/analyze commands in SKILL.md), which are likely user-submitted, untrusted third-party code that the agent reads and uses to generate optimizations and submission decisions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly integrates with a blockchain-like payment flow: the submit command posts optimized algorithms to the TIG network and costs 10 TIG on mainnet. The docs require TIG_WALLET_ADDRESS and TIG_PRIVATE_KEY environment variables, note “Sufficient TIG balance (10 TIG per submission)”, and list a submission.ts and tig/api.ts client in the architecture. Those elements indicate signing/submitting transactions and moving cryptocurrency—i.e., direct crypto/blockchain execution capability.
Audit Metadata