fortytwo-mcp

Warn

Audited by Snyk on Apr 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill sends user queries to an external MCP endpoint (GATEWAY "https://mcp.fortytwo.network/mcp" called from scripts/fortytwo_query.py and described in SKILL.md), consumes and displays the returned third‑party text as the primary answer and instructs the agent to act on it, so untrusted remote content can materially influence behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly performs on-chain payments and requires wallet signing: it charges per-token in USDC on Base/Monad, instructs setting an evm_private_key env var, references wallet setup, low USDC balance, and EIP-712 signing/payment details. These are specific crypto/blockchain transaction capabilities (signing and sending payments), so it grants direct financial execution authority.

Issues (2)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 9, 2026, 07:48 AM
Issues: 2