megaeth-developer
Warn
Audited by Snyk on Feb 14, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill explicitly ingests public, untrusted content (e.g., realtime mini-blocks via the WebSocket 'wss://mainnet.megaeth.com/ws', Kyber aggregator API calls to https://aggregator-api.kyberswap.com/megaeth/api/v1, and public token lists on GitHub) and the code/flows parse and act on those responses as part of normal operation, exposing the agent to potential indirect prompt injection from user-generated blockchain data or third-party API responses.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly designed for blockchain financial operations. It includes wallet setup/management, signing and submitting transactions (eth_sendRawTransactionSync / "sign locally → eth_sendRawTransactionSync"), token swaps via the Kyber Network aggregator, bridging ETH, and RPC methods for sending and monitoring transactions. These are specific crypto/blockchain execution capabilities (wallets, swaps, signing, transaction submission), so it grants direct financial execution authority.
Audit Metadata