p2p

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses public Binance P2P endpoints (e.g., GET https://www.binance.com/bapi/c2c/v1/public/c2c/agent/trade-methods and /ad-list) to read merchant/user-generated ads and payment-method data and uses those results to compare prices and drive agent decisions, exposing it to untrusted third-party content that could inject instructions indirectly.