dapp-integration

Warn

Audited by Snyk on Feb 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly configures and uses public indexer endpoints and wallet-provided URIs (e.g., https://indexer.testnet-02.midnight.network/api/v1/graphql and walletApi.serviceUriConfig()) and its workflow (publicDataProvider, contract.state, watchContractState, getTransaction) reads and reacts to on-chain/public data (user-generated transactions/state), which could materially influence subsequent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly for dApp (blockchain) integration: it includes wallet connectivity (checking window.midnight.mnLace, connector.enable()), provider and contract APIs, and contract deployment/interaction flows. Those elements are specific crypto/blockchain capabilities that enable signing and sending on-chain transactions (deploying contracts, calling circuits), not generic tooling. Therefore it provides direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 21, 2026, 10:24 AM