coinpaprika-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to use the public CoinPaprika MCP/API (https://mcp.coinpaprika.com/sse) and endpoints such as getCoinById, getCoins and search that return public coin descriptions, links and team info — untrusted third-party content the agent is expected to read and that could influence its decisions or follow-up actions.