@554/wallet

Warn

Audited by Snyk on Apr 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill fetches balance and token data from public third-party APIs (see tools/balance.py, where proxied_get_with_retry calls pro-openapi.debank.com and public-api.birdeye.so). Those untrusted responses are returned to and used by wallet_balance / wallet_get_all_balances, which can influence decisions such as whether to initiate or broadcast transactions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a multi-chain wallet with built-in capabilities to view balances, sign transactions/messages, and broadcast transfers on EVM chains and Solana. Tools listed include wallet_transfer ("Broadcast" EVM tx), wallet_sol_transfer ("Broadcast" Solana tx), wallet_sign_transaction/wallet_sol_sign_transaction, and other signing functions. It therefore provides direct crypto/financial execution (sending transactions, signing, and managing wallet policy), not a generic interface.

Issues (2)

  • MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
  • MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 9, 2026, 04:49 AM
Issues: 2