token-security-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly ingests public on-chain and token metadata via DexPaprika MCP calls (e.g., getTokenDetails, getTokenPools, getPoolDetails, getPoolTransactions) and uses that untrusted, user-generated transaction/metadata to drive its risk verdicts, so third‑party content could materially influence agent behavior.