real-estate-investment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly instructs the agent to "Gather data — Collect property financials, market data, and comps (use API reference if automating)" and the included references/market-analysis.md contains concrete code and endpoints that fetch open/public third‑party sources (Mashvisor, AirDNA, ATTOM, Rentcast, Redfin, Census), meaning the agent will read and act on untrusted external content that can materially influence analysis and tool use.