ERC-8004 Reputation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's leaderboard command (cmd_leaderboard) fetches and parses public, user-populated data from the Agentscan API (https://agentscan.info/api/agents) and displays agent names/tags/descriptions from that source, so it clearly ingests untrusted third-party content that could contain injected instructions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). This skill explicitly performs on-chain (blockchain) write operations and requires wallet credentials. It documents env vars for ERC8004_MNEMONIC / ERC8004_PRIVATE_KEY, depends on web3 and eth-account, lists contract addresses and gas costs, and offers commands that perform state-changing actions (give, revoke) against the on-chain Reputation Registry across Ethereum-compatible chains. Because it includes explicit wallet signing/transaction capabilities (crypto/blockchain signing), it meets the "Direct Financial Execution" criterion.