foundry-solidity

Warn

Audited by Snyk on Mar 7, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). SKILL.md explicitly instructs connecting to public RPC endpoints and forking mainnet (e.g., 'anvil --fork-url https://eth-mainnet.g.alchemy.com/v2/KEY', 'vm.createSelectFork(vm.envString("MAINNET_RPC_URL"))', and related forge/cast/chisel fork commands), which causes the agent/test runtime to fetch and interpret public, user-generated blockchain state that can materially affect tests, scripts, and subsequent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly for Ethereum/EVM development and includes concrete commands and APIs that sign and broadcast transactions. Examples: 'cast send $CONTRACT "transfer(address,uint256)" ... --private-key $KEY', 'forge create ... --private-key $KEY --broadcast', and deploy scripts using vm.envUint("PRIVATE_KEY") with vm.startBroadcast/vm.stopBroadcast. These are specific crypto/blockchain wallet and transaction operations (signing, sending, deploying, transferring tokens/ETH), which constitute direct financial execution authority.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 7, 2026, 12:43 AM