query

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches public, user-generated blockchain data from the Hiro API (api.mainnet.hiro.so) — e.g., getAccountTransactions, getContractInfo/getContractInterface, getContractEvents, getMempoolTransactions and callReadOnlyFunction in query.ts and SKILL.md — and the agent reads and uses that data (contract ABIs, events, transactions, mempool fees) to decide actions such as which functions to call and which fees/nonces to use, so untrusted third-party content can materially influence behavior.