sablier-create-vesting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md) explicitly tells the agent to consult public web resources — e.g., the "Creation Fee" section instructs "use web search to find the current price" and the routing/validation steps direct checking external pages like https://docs.sablier.com/concepts/chains and https://docs.sablier.com/guides/lockup/deployments.md — so the agent will fetch and interpret open/public third-party content that can change transaction decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to create on-chain token vesting streams and to "run onchain vesting-creation transactions on their behalf." It requires ERC‑20 token addresses, deposit amounts, chain selection, and routes execution to an EVM CLI for performing the on‑chain operations. These are specific crypto/blockchain financial actions (moving/locking tokens and minting NFTs) and therefore constitute direct financial execution capability.