raisely

Warn

Audited by Snyk on Mar 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). This skill instructs the agent to run Membrane actions and to proxy arbitrary requests to the Raisely API (see "Running actions" and "Proxy requests" sections, e.g., membrane request CONNECTION_ID /path/to/endpoint), which pulls data from a public third‑party platform (potentially user-generated) that the agent is expected to read and could influence subsequent behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). Raisely is a fundraising/donation platform and the skill explicitly exposes domain entities like Donation and Transaction and gives direct means to call Raisely API actions (via Membrane action run and proxy requests). Those capabilities let the agent create or manage donations/transactions (i.e., initiate or modify financial operations) rather than being a generic automation tool. Therefore this skill grants direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 11, 2026, 11:12 AM
Issues: 2