manifold-nft-minting

Warn

Audited by Snyk on Mar 5, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's runtime workflow explicitly fetches product data from Manifold's public API (client.getProduct / product.fetchOnchainData as shown in SKILL.md and the full-docs references) and ingests off-chain, creator-provided metadata and transaction/step data (asset URLs, product rules, preparedPurchase steps) which the agent reads and uses to decide on and execute transactions (preparePurchase → purchase / step.execute), exposing it to untrusted third-party, user-generated content that can change its behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform blockchain financial transactions: it guides integration of Manifold's client-sdk for minting NFTs across Ethereum and other chains, instructs use of wallet/provider adapters, RPC node setup, handling ERC-20 approvals, and the preparePurchase → purchase (and step.execute()) transaction flow. It also discusses storing private keys in environment variables, building minting bots, and confirming/displaying costs before executing purchases. These are specific crypto/blockchain execution capabilities (wallet signing and sending transactions), not generic tooling.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 5, 2026, 07:55 PM