near-connect-hooks

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's Guestbook example calls viewFunction to fetch messages from a public smart contract (CONTRACT = "guestbook.near-examples.testnet") via public RPC endpoints (e.g., https://free.rpc.fastnear.com), thereby ingesting user-generated, untrusted on-chain content that the agent/UI reads and displays.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a NEAR Protocol wallet integration library with built-in crypto wallet operations: token transfers (transfer, Actions.transfer, callFunction with deposit), signing and sending transactions (signAndSendTransaction / signAndSendTransactions), NEP-413 message signing (signNEP413Message), access-key management (addFunctionCallKey, addFullAccessKey, deleteKey), and balance retrieval. These are specific blockchain/crypto wallet APIs designed to move funds and authorize transactions, so it grants direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 12:34 AM