skale
Warn
Audited by Snyk on Mar 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's agents-on-skale workflow (rules/agents-on-skale.md) contains a BasicAgent.accessResource implementation that fetches arbitrary URLs (fetch(url)), parses the returned JSON, and uses that data in agent workflows (including agent-to-agent requests and scheduled tasks), which clearly exposes the agent to untrusted public web content that can influence payments and subsequent actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly for blockchain development and on-chain asset movement. It references specific crypto execution capabilities: "bridging assets via skale-bridge" / bridge-skale-bridge (asset movement), "Implementing automated on-chain transactions" and x402-automation (automated transactions), "web-wallet-connection" and "web-transaction-handling" (wallet signing/tx submission), Web3 SDKs/RPC endpoints, and a Foundry deploy example that uses --private-key and --broadcast (signing and sending transactions). These are concrete, domain-specific tools and commands for creating, signing, and broadcasting crypto transactions and moving assets, which meet the definition of Direct Financial Execution (crypto/blockchain operations).
Audit Metadata