stellar-dev

Warn

Audited by Snyk on Feb 24, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's required workflow (see api-rpc-horizon.md and frontend-stellar-sdk.md) explicitly instructs the agent to call public Stellar RPC/Horizon endpoints and third-party indexers (e.g., rpc.getAccount, rpc.getEvents, horizon.loadAccount, StellarExpert/Hubble/Data Lake URLs) to read account/ledger/event/contract data and then make transaction-building, simulation, and submission decisions based on that live, user-generated/public content, which meets the criteria for ingestion of untrusted third-party content that can influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly for Stellar blockchain development and finance: it covers transaction building, signing, and submission; wallet integration (Freighter, Wallets Kit, Wallet Standard); Stellar RPC/Horizon APIs; XLM/Stellar asset issuance, trustlines, and asset management; and is optimized for payments, tokenization, and DeFi. These are specific crypto/blockchain tools and operations that enable sending value and managing wallets/accounts, so it provides direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 24, 2026, 06:03 PM