x-2-earn-apps
Warn
Audited by Snyk on Mar 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's reference files explicitly require ingesting and evaluating untrusted user-generated proofs (images and external links) — see references/ai-image-validation.md (vision-model multi-stage prompt for user-submitted photos) and references/sustainability-proofs.md (proofTypes/proofValues like "link" and "image" such as tweets or image URLs) — and those evaluations directly affect reward distribution decisions, so third-party content can influence agent actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly about distributing token rewards and building on-chain transactions. It names B3TR token reward distribution, refers to "transaction building" and using @vechain/mcp-server for on-chain data and transaction building, requires registering reward distributors before distribution, and includes "fund management" and testnet reward distribution verification. Those are specific crypto/blockchain financial operations (creating/sending blockchain transactions and managing token distributions), so it grants direct financial execution capability.