gift-up
Warn
Audited by Snyk on Mar 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill instructs the agent to proxy requests and run actions against the Gift Up! API via the Membrane CLI (see "Proxy requests" and "Running actions"), which fetches and ingests third‑party account data (potentially user‑generated/untrusted fields) that the agent is expected to read and could materially influence subsequent actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is a dedicated integration for Gift Up!, a platform that sells and manages gift cards and their balances. The documented actions include explicit financial operations such as "Top Up Gift Card" (add balance), "Transfer Balances" (move balance between cards), "Redeem Gift Card" / "Redeem Gift Card in Full" (spend balance), "Void Gift Card" and "Undo Redemption". These are specific, purpose-built APIs to modify monetary balances within the service (and the Membrane proxy/auth is provided to run those actions). This meets the "send transaction / move money" criteria for Direct Financial Execution.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).