monitor-etf-holdings-drawdown-risk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly scrapes and ingests open/public third‑party content (e.g., MacroMicro and ETF issuer sites like iShares via Selenium in scripts/fetch_etf_holdings.py, Yahoo Finance via yfinance in scripts/fetch_prices.py, plus COMEX/LBMA and retail sites listed in references/data-sources.md) and the agent reads and uses that scraped data in its analysis, creating a clear pathway for untrusted external content to influence execution.