honeypot-detection-techniques

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to check "verified source on explorers," inspect "transaction history" and on-chain mint layout/IDL from public blockchain explorers (e.g., Etherscan/Solscan), which are untrusted public third-party sources the agent is expected to read and use to make decisions.