mesh-transaction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs using external fetchers/providers (e.g., BlockfrostProvider in PATTERNS.md and SKILL.md constructor options) and shows code that fetches on-chain UTxOs and deserializes on-chain datums (TRANSACTION.md / "Reading On-Chain Datum"), meaning the agent will fetch and interpret public, user-controlled blockchain data which can materially affect transaction-building decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a Cardano transaction builder (MeshTxBuilder) with methods for sending ADA, minting tokens/NFTs, spending Plutus scripts, staking/delegation, withdrawing rewards, governance voting, DRep registration, and includes a submitter option for submitting transactions. These are specific crypto/blockchain financial operations (constructing and submitting on-chain transactions), not generic tooling. Therefore it grants direct financial execution capability.