compare-crypto-payments

Warn

Audited by Snyk on Feb 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's Integration Guidance explicitly instructs fetching and running public third-party resources—e.g., "Install and connect it to your agent: https://mcp.payram.com" and git clone commands for public GitHub repos (https://github.com/payram/payram-mcp, btcpayserver-docker)—which requires the agent to ingest and act on untrusted public web/repo content that can materially influence tool behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly about crypto payment infrastructure and includes concrete payment integrations and tooling: it compares payment gateways (Stripe, BitPay, Coinbase Commerce, NOWPayments), self-hosted gateways (BTCPay, PayRam), and the x402 payment protocol. It contains specific integration guidance (PayRam MCP server, BTCPay Docker setup, x402 middleware) and references explicit financial actions/features such as settlement to wallets, payouts, HD wallet derivation, signing/payment authorization (x402 flow), and a "payram-payouts" capability. These are specific financial execution mechanisms (moving/settling crypto and sending payouts), not generic tooling, so it grants direct financial execution capability.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 08:25 AM