web3-dapp
Fail
Audited by Snyk on Feb 16, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly tells the agent to ask the user for a WalletConnect Project ID and to create a .env.local containing that project ID (and documents optional API keys), which requires the LLM to embed secret/API key values verbatim into generated files/outputs.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill fetches and displays NFT metadata and images from a public third-party API (examples/hooks/use-nfts.ts builds Alchemy URLs using NEXT_PUBLIC_ALCHEMY_API_KEY, and examples/components/nft-card.tsx / nft-grid.tsx render untrusted NFT name/description/image/attributes), which is user-generated, untrusted content that the agent will read and present as part of its normal workflow.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a Web3 DApp development guide for NFT/DeFi/smart-contract interactions and includes concrete, specific functionality to execute on-chain financial transactions. It requires WalletConnect integration and wagmi/viem libraries, and provides explicit examples that invoke writeContract/useWriteContract to perform transfers, swaps, staking/unstaking, and transaction submission (e.g., TransferButton calling transfer, staking page calling stake/unstake, swap UI). These are direct crypto transaction/signing APIs and therefore constitute Direct Financial Execution capability.
Audit Metadata