stacking-delegation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill repeatedly fetches and parses live PoX and address data from the public Hiro API (HIRO_API = "https://api.hiro.so" in stacking-delegation.ts and noted in SKILL.md) and uses those untrusted third-party responses to generate eligibility signals and agent decision steps (see AGENT.md), so external content can materially change the agent's actions.