paystack-testing

Warn

Audited by Snyk on Mar 8, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs runtime calls to the public Paystack API (https://api.paystack.co) and to accept external webhooks via a tunnel (ngrok/localtunnel), and the examples parse and act on those incoming webhook/API payloads (e.g., calling processPayment), so untrusted third‑party content can influence agent behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a Paystack payment-integration testing guide and includes concrete API calls and helper code that initialize transactions, create customers/plans, create transfer recipients, and initiate transfers via Paystack endpoints using secret keys (e.g., /transaction/initialize, /transferrecipient, /transfer). It provides test secret keys, test card numbers, and a paystackRequest helper that performs authenticated requests. Although many examples use test mode, the skill is specifically designed for a payment gateway and contains functions to send transactions/transfers (i.e., move money via the Paystack API).
Audit Metadata
Analyzed: Mar 8, 2026, 06:29 AM