tron

Warn

Audited by Snyk on Feb 25, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill instructs agents to fetch and act on public, user-generated blockchain data (e.g., TronGrid v1 REST endpoints such as GET /v1/contracts/:address/events and node HTTP wallet APIs like wallet/getaccount and GetExchangeById mentioned in the Features/Usage sections), and it expects the agent to read and use that data to build transactions/trades, so untrusted third‑party content can materially influence subsequent tool use.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly about TRON blockchain functionality including account models, signing, transaction types, token standards (TRC-10/TRC-20), DEX operations (create/trade/withdraw), and HTTP wallet APIs and wallet-cli for signing and broadcasting transactions. Those are specific crypto wallet/transaction capabilities (signing and sending transactions, token transfers, swaps) that enable moving value. This meets the criteria for direct financial execution.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 25, 2026, 08:58 AM