wallet-analysis

Warn

Audited by Snyk on Apr 30, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to fetch and interpret wallet data from Zerion's public API endpoints (e.g., https://api.zerion.io/v1/wallets/{address}/portfolio and /transactions), which return open/public blockchain- and user-generated content that the agent reads and uses to drive analysis and decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly crypto-focused: it is designed for Solana wallet analysis via Zerion and documents an x402 "Solana-funded no-key" path that uses a SOLANA_PRIVATE_KEY and x402 payment handshakes. That x402 flow indicates use of a wallet for pay-per-request payments (i.e., signing/paying with a crypto wallet). Because the prompt explicitly references wallet keys, Solana-backed x402 payment handshakes, and agent-native Solana-funded workflows (not merely generic read-only HTTP calls), it includes a specific crypto/wallet signing/payment capability and therefore qualifies as direct financial execution risk.


Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 30, 2026, 01:20 PM
Issues: 2