multiversx-cross-contract-calls

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). This skill performs cross-contract calls to arbitrary contract addresses and ingests/decodes their returned data and back-transfers (e.g., via self.tx().to(&address).typed(...)/.raw_call(...).returns(ReturnsResult).sync_call() and callbacks receiving ManagedAsyncCallResult), which means it consumes untrusted third-party on-chain content that could indirectly inject instructions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a MultiversX transaction builder for smart contracts and includes direct token/payment operations: attaching EGLD/ESDT payments (.egld, .single_esdt, .payment, .esdt), issuing transfers (.transfer), performing swaps/deposits/withdrawals, delegations, minting tokens, and handling back-transfers. Those are concrete crypto/blockchain financial actions (sending/signing/moving tokens), not generic utilities—so it provides direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 01:51 AM