starknet-react-rules

Audit result: Fail

Audited by Snyk on Mar 3, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 1.00). The prompt includes a "Memory Protocol" that mandatorily instructs the agent to read a local file (cat .claude/...) and to change its internal assumptions ("ASSUME INTERRUPTION"). These are explicit, out-of-scope directives that alter agent behavior and access local memory, which constitutes a deceptive, behavior-overriding injection relative to the stated code-review purpose.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly focused on Starknet blockchain integration and enforces patterns for contract interactions and transaction lifecycle handling (wallet validation, pending/confirmed/rejected states, TypeScript types from ABI, transaction error handling). These are specific to crypto/blockchain operations (wallets, signing and sending contract transactions), not generic tooling, so it provides direct financial execution capability.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 3, 2026, 07:52 AM