inscription-queue-watcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests public, potentially user-generated briefs from https://aibtc.news/api/brief/* and on-chain status from https://mempool.space/api/tx/* (see fetchBrief, fetchArchiveRoot, checkInscriptionOnChain and the SKILL.md/AGENT.md run workflow), and those remote fields are parsed and used to drive classification results and alerting decisions (red[]/notify), so untrusted third‑party content can materially influence agent decisions.