opengfx

Warn

Audited by Snyk on Feb 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's documented workflows (e.g., "Create Social Assets" and the BYOL/GFX/Mascot examples in SKILL.md and README) explicitly accept arbitrary external URLs such as brandSystemUrl, logoUrl, and master_url (e.g., https://.../brand-system.json or https://example.com/logo.png). The service fetches these resources and uses them to extract colors and style and to drive generation, so untrusted third-party content is ingested and can materially influence subsequent tool behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill includes an explicit crypto payment integration and flow: it requires USDC/SOL payments, documents an x402 HTTP 402 payment flow (POST → receive 402 → sign payment with a wallet → retry with X-Payment header), lists supported chains (Base USDC, Solana), provides a wallet address, and includes an SDK (@x402/fetch) example that wraps a wallet to perform signed payments. These are specific, non-generic financial execution mechanisms (crypto payment signing and submission), so the skill grants direct financial execution capability.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 23, 2026, 04:22 PM