ordfs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and example code (examples/fetch-content.ts and examples/recursive-inscription.html) instruct use of the public ORDFS gateway (https://ordfs.network) — including /content and /preview endpoints that fetch and render arbitrary on-chain HTML/JSON and recursive inscriptions — so untrusted, user-generated third‑party content is read and can materially influence agent behavior.