check-wallet

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly queries Turnkey and public on-chain RPC endpoints (see SKILL.md commands like npx @openant-ai/cli@latest wallet balance --json and the --solana-rpc/--evm-rpc <url> options) and is expected to parse that JSON to decide actions (e.g., "check if you have enough USDC before creating a task"), so untrusted RPC/web responses could materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill requires running "npx @openant-ai/cli@latest" at runtime, which fetches and executes remote npm package code (a required dependency), so this external dependency can run remote code and thus poses a runtime execution risk.