cross-chain-arbitrage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill ingests live, public third-party data as part of its required workflow—e.g., OnchainOS dex-market price, OKX market_get_ticker/orderbook, GoPlus check_token_security, and bridge/DeFiLlama APIs are queried in the Pre-flight and Step 3 data-collection flows—and those untrusted public inputs directly drive decision logic (blocking, ranking, and recommended actions), creating a clear vector for indirect prompt injection.