history

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and syncs trades from public Polymarket and Kalshi APIs (see SKILL.md fetch/sync commands and index.ts 'case "sync"' which calls service.fetchTrades) and reads user-generated fields like marketQuestion/marketId (used in search and display), so untrusted third-party content is ingested and can influence which results and outputs the agent produces.