detect-us-equity-valuation-percentile-extreme

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and parses public third‑party web data as part of its runtime (e.g., scripts/fetch_valuation_data.py and scripts/valuation_percentile.py pull Shiller data from http://www.econ.yale.edu/~shiller/data.htm, FRED CSV endpoints at fred.stlouisfed.org, Yahoo Finance via yfinance, and the docs mention scraping Multpl/MacroMicro), so it ingests open/public third‑party content which the agent reads and incorporates into analysis, creating a clear avenue for indirect prompt injection.