cardano-cli-wallets

Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The script scripts/cardano-cli.sh will, at runtime, pull and run the remote container image ghcr.io/intersectmbo/cardano-node:latest (via CARDANO_DOCKER_IMAGE) which executes remote code inside Docker, so this is a runtime external dependency that can run code.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly about Cardano wallet operations: it provides concrete templates for generating payment and stake keys (.skey/.vkey), building addresses, and querying UTxOs. These are crypto wallet primitives (key management and address creation) that are specifically designed for managing cryptocurrency funds and enable financial actions (e.g., controlling keys that can sign transactions). Even though the doc claims "no execution," it contains precise, wallet-specific commands and a Docker wrapper to run cardano-cli, so it is not a generic utility — it is a crypto-wallet guidance tool. Therefore it meets the "Crypto/Blockchain (Wallets, ... Signing)" criterion for Direct Financial Execution risk.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 15, 2026, 09:13 PM