token-lifecycle

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs using the public "Doppler deployments" GitHub repo (https://github.com/whetstoneresearch/doppler/tree/main/deployments) as the "contract source of truth," which requires the agent to fetch and interpret open/public repository content that can materially influence deployment decisions (addresses/revisions).

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly about crypto token lifecycle: selecting token factories, deploying token contracts, vesting schedules, and inflation/mint behavior (including "inflation mint" and initial mint windows). Those are crypto-specific operations that enable issuing/minting tokens and controlling token flows. Although it doesn't list low-level RPC calls or wallet commands, its primary and explicit domain is blockchain token issuance and vesting (direct financial operations), so it presents direct financial execution risk.