mempool

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly fetches and streams public, user-generated blockchain and mempool data from mempool.space via its REST and WebSocket APIs (see references/core-rest-api.md and references/core-websocket.md) — including address/tx endpoints and push/acceleration POSTs (features-blocks-transactions.md, features-addresses.md, features-acceleration-services.md) — which the agent is expected to read and can materially influence actions like broadcasting or tracking transactions, so untrusted third-party content could indirectly influence agent behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill exposes explicit Bitcoin/Liquid blockchain operations including "push tx" (broadcasting transactions), RBF (replace-by-fee), and optional "wallet/stratum" service and accelerator APIs. Broadcasting/sending transactions (and wallet APIs) are direct crypto execution capabilities — i.e., functions to move funds on-chain — so this is a direct financial execution risk.