fastapi-full-stack

Audited by Snyk on Feb 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill clearly ingests untrusted third-party/user-generated content — e.g., webhook handlers in app/routes/payments.py (stripe_webhook) and JazzCash/EasyPaisa notify endpoints plus the WebSocket chat endpoint in references/EXAMPLES.md (routes/chat.py) — and parses those payloads/messages to update database state and trigger follow-up actions, so external content can materially influence runtime behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly includes payment gateway integrations and code for handling financial transactions: it lists Stripe, JazzCash, and EasyPaisa in the description and PAYMENTS.md; defines payment-related models, services, and routes (app/models/payment.py, app/services/payment_service.py, app/routes/payments.py); includes Stripe webhook handling and references to handling checkout.session.completed and charge.refunded; and requires environment secrets like STRIPE_SECRET_KEY / STRIPE_WEBHOOK_SECRET. These are specific, non-generic payment APIs and thus constitute direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 01:28 AM