Hedera Plugin Creation

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's get-token-info tool fetches live data from a public mirror node (examples/token-plugin/tools/get-token-info.ts calls `fetch(`${mirrorNodeUrl}/api/v1/tokens/${params.tokenId}`)`), parses the JSON, and directly uses that untrusted/public token metadata in its postProcess output, so the agent ingests and interprets third-party content at runtime.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to create Hedera plugins that perform on-ledger operations. It documents mutation tools for token creation, minting, transfers, account creation/updates, and submitting transactions via the Hedera SDK (imports like @hashgraph/sdk, Client) and helper functions such as handleTransaction/transactionToolOutputParser. Those are specific blockchain/crypto transaction capabilities (signing/sending state-changing transactions), so this grants direct financial execution authority.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 02:50 AM