subsystem-summary-of-scp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime explicitly ingests and interprets untrusted network "envelopes" from other SCP nodes via SCP::receiveEnvelope and the "Inbound Envelope Processing" flow in SKILL.md, and those messages directly drive state transitions, timers, and emitted actions in the protocol, so third-party content can materially influence behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is a detailed implementation of the Stellar Consensus Protocol (SCP), a blockchain consensus subsystem used by the Stellar ledger. It exposes crypto-specific operations (e.g., node identity/public key, SCPDriver::signEnvelope, emitEnvelope/broadcast of signed envelopes, value wrappers for ledger values, quorum management) that are part of a blockchain consensus and message-signing flow. Because this is a domain-specific blockchain component (not a generic tool) and includes explicit signing/broadcasting of protocol envelopes, it meets the criterion for crypto/blockchain execution capability.