portfolio-sync

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md shows it fetching and ingesting public, user-generated market data from third-party APIs (e.g., https://gamma-api.polymarket.com, https://api.manifold.markets/v0, and Kalshi's trade API) and directly reads market titles/questions and probabilities into its workflow to compute/display positions and PnL, which could allow untrusted content to influence the agent's outputs and decisions.