sablier-create-vesting
Warn
Audited by Snyk on Apr 22, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs the agent to check and use public Sablier documentation and deployment pages (e.g., "Check whether the user's desired chain is listed on https://docs.sablier.com/concepts/chains" and "check https://docs.sablier.com/guides/lockup/deployments.md") and to use those external webpages to resolve chain metadata, RPC endpoints and contract addresses, which the agent must read and which can materially influence transaction actions—exposing it to untrusted third-party content that could inject instructions indirectly.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly designed to create on-chain token vesting streams and to "run onchain vesting-creation transactions on their behalf." It requires ERC-20 token addresses, deposit amounts, recipient addresses, chain selection, and routes execution to a CLI/onchain flow. This is a specific crypto/blockchain financial operation (locking/transferring tokens, creating streams that move value and mint NFTs) — i.e., direct transaction signing and token movement — not a generic tool. Therefore it grants direct financial execution capability.
Issues (2)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W009
MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata