minara

Warn

Audited by Snyk on Mar 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and processes arbitrary external URLs and API responses in its AI chat and x402 flows (see "minara chat """ in SKILL.md/examples.md and the x402 Payment Required parsing), meaning untrusted third‑party content and headers could be read and then influence CLI actions such as analysis, optional quick orders, or payment transfers.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The Minara skill is explicitly a crypto trading + wallet integration with built-in wallet and CLI commands that move funds. It defines and routes concrete fund-moving actions: swaps, transfers/payments, withdrawals, perp orders (open/close/deposit/withdraw), limit orders, credit-card on-ramps (MoonPay/on-ramp, "deposit buy"), and x402 payment flows. The documentation requires executing CLI commands that send transactions (e.g., minara transfer, minara withdraw, minara swap, minara perps order) and describes authenticating and performing real payments. This is a purpose-built financial execution tool (not a generic API caller or browser automation), so it grants direct financial execution capability.

Issues (2)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 11, 2026, 11:10 AM
  • Issues: 2