kalshi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly fetches and ingests market/event data from public third-party APIs (api.elections.kalshi.com and gamma-api.polymarket.com) and uses those titles/fields in its workflow to compute and interpret odds, so it consumes untrusted external content that could carry indirect prompt-injection vectors.