moonpay-swap-tokens

Warn

Audited by Snyk on Mar 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly "builds unsigned transaction via swaps.xyz" (see "How it works" in SKILL.md), meaning it fetches transaction-building data from a public third-party site whose responses could influence subsequent signing and broadcast actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform crypto financial operations: it provides commands to swap tokens and bridge tokens across chains, resolves wallets, builds unsigned transactions via swaps.xyz, handles ERC20 approvals, signs transactions locally with private keys, and broadcasts them to networks. These are direct crypto transaction execution capabilities (wallet management, signing, broadcasting, and swaps/bridges), so it grants direct financial execution authority.

Issues (2)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 21, 2026, 10:25 PM
Issues: 2