orbiter-sign-template
Warn
Audited by Snyk on Mar 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly states that "nonce and gas/fee fields can be filled from RPC" and accepts an rpcUrl input, meaning the agent will fetch and consume data from external RPC endpoints (third-party URLs) which can materially change transaction templating and downstream actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly generates signable cryptocurrency transaction templates (includes nonce, gas/fee, tx and quote) and is designed for blockchain transfers (bridge sign-template). This is a crypto/wallet signing capability intended to construct transactions that move funds, so it meets the definition of Direct Financial Execution.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).