cairo-testing

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The "Fork Testing" examples instruct tests to connect to live Starknet nodes (e.g., fork(url: "https://starknet-mainnet.g.alchemy.com/v2/YOUR_KEY")), which fetch and interpret public blockchain state during test execution; that state is untrusted, user-generated third-party content.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly for testing Cairo smart contracts on Starknet and includes concrete APIs/actions that perform blockchain financial operations: deploying contracts, calling ERC20 functions (transfer, approve, deposit), executing AMM.swap, and fork-testing against mainnet state. These are explicit crypto/blockchain transaction capabilities (token transfers/swaps and on-chain deployments), not generic tooling, so it grants direct financial execution authority.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 02:47 AM