evm-rpc
Warn
Audited by Snyk on Mar 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill makes HTTPS JSON-RPC outcalls to public RPC providers (e.g., EvmRpc.request calls to built-in providers like PublicNode/Alchemy, and the #Custom({ url = rpcUrl }) path used by getBalanceCustomRpc), ingesting untrusted third-party responses (from endpoints the user can specify) that the canister parses and uses to drive its decision logic (Consistent/Inconsistent branches, error handling, transaction results).
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly exposes Ethereum/EVM transaction APIs and helpers: it supports JSON-RPC methods (including eth_sendRawTransaction), typed calls to eth_sendRawTransaction/sendRawTransaction, and examples that submit signed raw transactions and query receipts. Although the canister does not sign transactions itself, the documentation shows how to send signed transactions and references signing via threshold ECDSA; that is, it is purpose-built to submit on-chain transactions (move crypto). This is a specific crypto/blockchain financial execution capability.
Audit Metadata