subsystem-summary-of-overlay

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill documents accepting and reading messages from arbitrary network peers (e.g., TCPPeer read handlers, Peer::recvMessage, ItemFetcher/Tracker fetches and DNS-resolved peer lists in SKILL.md), so untrusted third-party peer-generated content is ingested and can directly influence actions like demands, broadcasts, fetches, and flow-control behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is a specific implementation of Stellar's overlay (peer-to-peer) network layer and explicitly exposes functions for handling and propagating blockchain transactions: broadcastMessage(tx_msg, hash), recvTransaction, TxAdverts/TxDemandsManager (FLOOD_ADVERT / FLOOD_DEMAND / TRANSACTION), ItemFetcher for tx sets, plus crypto primitives (Curve25519 ECDH, HMAC, BLAKE2 hashing, signature caching/verification). Those are explicit, purpose-built blockchain/transaction operations (i.e., sending/relaying transactions), not generic networking or HTTP callers. Per the decision logic ("Send Transaction" / Crypto/Blockchain), this constitutes direct financial execution capability.