stellar-dev

Warn

Audited by Snyk on Apr 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's core workflows (see api-rpc-horizon.md and frontend-stellar-sdk.md) explicitly perform runtime fetches from public RPC/Horizon/indexer endpoints (e.g., rpc.getAccount, rpc.getLedgerEntries, rpc.getEvents, horizon.loadAccount and third-party indexers like Mercury/SubQuery/StellarExpert) and then use those responses to build/simulate/submit transactions and make logic decisions, which exposes the agent to untrusted, public third-party content that could influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly for Stellar blockchain development and finance: it covers transaction building, signing, and submission; wallet integration (Freighter, Wallets Kit, Wallet Standard); Stellar RPC/Horizon APIs; XLM/Stellar asset issuance, trustlines, and asset management; and is optimized for payments, tokenization, and DeFi. These are specific crypto/blockchain tools and operations that enable sending value and managing wallets/accounts, so it provides direct financial execution capability.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 6, 2026, 07:03 PM
Issues
2