risk-assessment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly ingests public DefiLlama data (e.g., defillama:get_events, defillama:get_oracle_metrics, defillama:get_treasury, get_protocol_metrics, get_yield_pools) and the agent reads and uses that third-party protocol content to drive risk assessments, so untrusted open-web data could indirectly influence its decisions.