codex-supergraph

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly issues authenticated GraphQL queries and WebSocket subscriptions to the public endpoint https://graph.codex.io/graphql (see SKILL.md and references/*.md) and consumes token/pair/event/holder text fields as part of its workflow, so untrusted third-party data could influence the agent's decisions or actions.