wallet-policy
Warn
Audited by Snyk on Mar 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly and specifically designed for blockchain wallet policy management. It defines and uses concrete methods like eth_sendTransaction, signAndSendTransaction, eth_signTransaction, eth_signTypedData_v4, exportPrivateKey, and includes policies that allow/deny on-chain transfers, signing, and token transfers (EVM and Solana). It also mandates calling the wallet_propose_policy tool to propose policy changes that can enable or restrict transaction execution (including a wildcard "ALLOW" policy). This is a crypto/wallet-specific capability to control on-chain financial operations, not a generic tool, so it constitutes direct financial execution authority risk.
Issues (1)
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).