aicoin-market

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly runs scripts (e.g., scripts/twitter.mjs, scripts/news.mjs, scripts/airdrop.mjs, scripts/drop_radar.mjs) that call the public AiCoin Open API (open.aicoin.com) to fetch Twitter posts, news, airdrop/project listings and other open/web/user-generated content which the agent is expected to read and which can materially influence its outputs and next actions as mandated in SKILL.md.