pg-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required verify step (SKILL.md) runs commands like proxygate pricing against the public gateway (https://gateway.proxygate.ai) and the CLI/commands reference includes browsing API listings/docs (proxygate apis, proxygate listings docs <id>, proxygate jobs list), which are user-generated marketplace content the agent is expected to read and that could influence subsequent tool use (selecting/proxying APIs or jobs), exposing it to untrusted third-party input.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly about configuring a Solana wallet/keypair and the ProxyGate CLI for an API marketplace that buys and sells capacity using USDC on Solana. It includes concrete crypto-specific actions (generate solana keypair, configure keypair path, check balance, and instructs to "deposit USDC" and use /pg-buy to purchase API access). These are crypto/blockchain wallet and transaction-related capabilities (key management and payment operations), not generic tooling, so it grants direct financial execution authority.