proceeds-split-migration

Warn

Audited by Snyk on Mar 4, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly directs the agent to "Use Doppler deployments (https://github.com/whetstoneresearch/doppler/tree/main/deployments) as the contract source of truth," indicating the agent is expected to fetch and interpret public GitHub deployment data (untrusted third-party content) which can materially change addresses and subsequent migration actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is specifically about configuring and verifying smart-contract flows that move value: it references ProceedsSplitter, TopUpDistributor, UniswapV4MigratorSplit and describes actions that transfer funds (e.g., "_distributeSplit(...) transfers split share to recipient", "TOP_UP_DISTRIBUTOR.pullUp(...) forwards cumulative top-ups", and configuring approvals via setPullUp). These are explicit, contract-level crypto/blockchain operations to send/route proceeds, not generic tooling. Therefore it grants direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 4, 2026, 09:42 AM