currency-hedging-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The repo includes a required implementation task (evals/fx-rate-ingestion-service/task.md) and SKILL.md guidance that instruct the agent to fetch and ingest daily FX rates from public providers (e.g., openexchangerates.org / ECB), meaning the agent will read untrusted third‑party data that can materially influence downstream rate-dependent logic.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly about managing and executing FX-related financial actions. It names specific payment gateways and banking services (Stripe, PayPal, Wise Business, Airwallex, business banks) and gives step-by-step instructions to perform money-moving actions such as configuring multi-currency payouts, converting funds in Stripe and PayPal, and using Wise/Airwallex forward contracts to lock rates. These are concrete, service-specific financial operations (payment gateway/banking features and forward contracts), not generic tooling, so it grants direct financial execution capability.