decode-bsv-transaction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's scripts/decode.ts clearly fetches transaction hex from public third-party endpoints (https://junglebus.gorillapool.io/v1/transaction/get/{txid} and https://api.whatsonchain.com/v1/bsv/main/tx/{txid}/hex) and then decodes and acts on that untrusted, user-provided blockchain data as part of its workflow, so third-party content can influence parsing/output.