starkzap-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires interacting with external endpoints (e.g., running wallet.preflight and validating sponsorship metadata from a paymaster/serverUrl in SKILL.md and references/sponsored-transactions.md, and fetching pool configs via fetchPoolConfig in references/staking-reliability.md), so untrusted third‑party responses are read and can directly change execution decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a blockchain wallet/SDK focused on executing on-chain financial operations. It documents wallet lifecycle and signer setup, wallet.execute / wallet.preflight / TxBuilder APIs, ERC20 transfer helpers (transfer, Amount.parse), staking operations (enter/add/exit), sponsored-paymaster flows, and examples showing account signing with private keys and submitting transactions. These are specific crypto transaction primitives (wallets, signing, sending transactions, token transfers, staking) — i.e., direct financial execution capabilities.