frontend
Warn
Audited by Snyk on Feb 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill includes code that fetches and ingests ABI/contract data and API responses from arbitrary URLs and public MultiversX API endpoints (e.g., "From URL" axios.get("https://example.com/contract.abi.json") and ApiNetworkProvider('https://devnet-api.multiversx.com')), which are open/public third-party sources the agent would parse (ABI and contract query responses), exposing it to untrusted, user-provided content that could carry indirect prompt injection.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a MultiversX dApp/frontend and SDK skillset focused on wallet integration, transaction construction, signing, and broadcasting. It contains concrete APIs and code examples for sending EGLD and ESDT tokens, signing transactions (provider.signTransactions, account.signTransaction), broadcasting transactions (TransactionManager.send, entrypoint.sendTransaction, controller.createTransactionForTransfer), token issuance, and Ledger integration. These are direct crypto financial execution capabilities (constructing/sending on-chain transfers), not generic tooling, so it meets the "Direct Financial Execution" criteria.