trust-wallet-api

Warn

Audited by Snyk on Mar 25, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and references (notably references/swap-quote.md Execution Flow and endpoints) require the agent to fetch live data and executable transaction steps from the public Trust Wallet API (tws.trustwallet.com), and to select and execute routes/transactions based on that third-party response — meaning untrusted external content can directly influence tool use and next actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a crypto-focused API (Trust Wallet) covering token search, prices, and—critically—"swap quotes, routes, step transactions" across 100+ blockchains with authenticated REST endpoints. Those features are specific to blockchain financial operations (swaps/transactions) rather than generic data tooling. Because it provides swap-related endpoints and transaction steps (i.e., functionality tied to creating/executing crypto transfers/swaps), it meets the definition of Direct Financial Execution capability.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 25, 2026, 08:38 PM
Issues: 2