defi-portfolio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). scripts/portfolio.js explicitly queries public protocol clients (e.g., ../../../scripts/saturnswap-client.js and ../../../scripts/strike-client.js) to ingest user-generated on‑chain orders, liquidity and positions from public Cardano protocols (SaturnSwap/Strike), which the agent reads and uses to produce portfolio outputs and decisions, exposing it to untrusted third‑party content.