searcher-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill requires the agent to call external builder endpoints (e.g., GET /eth/v1/builder/header and POST /eth/v1|v2/builder/blinded_blocks against a configurable base URL) to fetch SignedBuilderBids and execution payloads from external builders/relays, which are untrusted third‑party sources and whose returned content directly drives signing, selection, and submission decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly an Ethereum Builder API implementation covering validator registration, getHeader/bidding, BuilderBid and SignedBuilderBid types, and submitting signed blinded blocks. These are blockchain-specific operations (bids, signed payloads, submitting execution payloads) that involve signing and submitting transactions/payloads on a crypto network. This is not a generic API or browser tool — it is specifically designed for crypto/blockchain execution-related activities. Therefore it qualifies as direct financial execution capability.