decentraland-sdk-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill (see add-3d-models/SKILL.md and add-3d-models/references/model-patterns.md, plus audio-video and audio-catalog references) explicitly instructs the agent to search public OpenDCL/creator catalogs and download external GLB/audio/video URLs (e.g., models.dclregenesislabs.xyz, builder-items.decentraland.org) and to read/inspect those files' metadata (bounding boxes, animations) as part of its workflow, so untrusted third‑party content can directly affect placement, component choices, and subsequent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly includes a "Blockchain & NFTs" topic with NftShape, wallet checks, token gating, signed requests, and smart contracts. The shared references list a "Crypto/MANA" library describing "MANA operations, currency/NFT transactions, marketplace integration" — all specific crypto/transaction capabilities (wallet interactions and currency/NFT transactions) that can be used to move value. This meets the Direct Financial Execution criteria for Crypto/Blockchain (wallets, signing, transactions).