bite-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests and processes user-submitted, untrusted payloads from the public BITE/SKALE network (e.g., the onDecrypt(...) callback in rules/bite-conditional-transactions.md and calls like getDecryptedTransactionData in bite-sdk-usage.md that read decrypted transaction data), so the agent reads and interprets third-party, user-generated content as part of its workflow.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for building and submitting blockchain transactions (Phase I encrypted transactions and Phase II Conditional Transactions/CTX) on SKALE. It references specific SDKs/libraries (@skalenetwork/bite, bite-solidity, bite-ts), concrete chain IDs and contract addresses (e.g., BITE Submit CTX), and an encryptTransaction() flow and CTX contract patterns. These are specific crypto/blockchain tools for creating and executing on-chain transactions (signing/submitting conditional transactions), not generic tooling, so it provides direct financial execution capability.