global-trade-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and code examples (e.g., references/apis/un-comtrade.md and references/apis/global-trade-alert.md) show the agent fetching and ingesting data from public third‑party APIs/websites (UN Comtrade, Global Trade Alert, WITS, UK Trade Tariff, TariffsAPI) and then using those responses to drive analysis, aggregation, classification, and follow‑on actions, which exposes it to untrusted third‑party content that could indirectly inject instructions.