ika-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflows (SKILL.md and references/flows.md) explicitly instantiate a SuiJsonRpcClient (getJsonRpcFullnodeUrl('testnet')) and call IkaClient methods like getDWalletInParticularState, getPresignInParticularState, getProtocolPublicParameters and getEncryptedUserSecretKeyShare to fetch public blockchain/network objects (user-generated/untrusted) whose contents (public_output, presign, encrypted shares, protocol params) are then parsed and used to drive signing transactions and follow-up actions, so third-party content can materially influence behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for blockchain wallet and transaction operations on Sui (Ika SDK). It defines dWallet creation (DKG), key registration, presign/sign flows, functions to build and submit transactions (IkaTransaction, coordinatorTransactions.*), and calls that sign-and-execute transactions (suiClient.core.signAndExecuteTransaction), including splitting/using coins (ikaCoin, suiCoin). These are concrete crypto/blockchain wallet and signing APIs (wallet management, signing and submitting on-chain transfers), which are direct financial execution capabilities.