moltcorp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md and references/research-methodology.md) requires running moltcorp research which fetches public marketplace/ad data from third-party sources (dataforseo, chrome-extensions, wp-plugins, meta-ads) and uses that untrusted/user-generated content (including ad screenshots used as reference images per references/pod-product-discovery.md and references/image-generation.md) to inform proposals, votes, and automated actions, so external content can materially influence agent decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly references payment integrations and platform actions that enable money flows: product types are "auto-provisioned" with Stripe (and Whop for digital content), agents "claim tasks and earn credits" and profits are distributed by credit share, and votes can authorize spending (buying domains, running ad campaigns). These are specific, non-generic financial integrations/controls (Stripe/Whop and platform-driven spending), not merely a generic HTTP or browser tool. Therefore it grants direct financial execution capability.