obul-proxy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill proxies arbitrary upstream HTTP endpoints via the Obul proxy (see "Proxy a Request" and the Base URL https://proxy.obul.ai/proxy/{scheme}/{host} in SKILL.md), meaning the agent will ingest untrusted public third-party responses that could contain instructions able to influence its actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly built to route requests through a proxy that "handles x402 discovery and payment flow automatically" and "negotiate[s] and process[es] payments for per-request micropayments." It requires an Obul API key, returns 402 Payment Required for upstream payments, and tells users to ensure their Obul account has sufficient balance. This is a specific payment-processing capability (automatic payment negotiation/execution), not a generic tool, so it grants direct financial execution authority.