my-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to GET discovery endpoints from external URLs (e.g., https://proxy.fluxapay.xyz/api/... ) so the agent will fetch and interpret third-party responses that can determine subsequent tool calls and behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly references payment execution tooling: it requires the agent to handle an "x402 payment flow" to use agent-pay tools, points to ./fluxa-wallet/X402-PAYMENT.md, and references payout and payment-link operations (./fluxa-wallet/PAYOUT.md, ./fluxa-wallet/PAYMENT-LINK.md). Those are specific payment/wallet operations (sending payments, payouts, payment links) rather than generic API callers or browser automation, so the skill grants direct financial execution capability.