grimoire-uniswap

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the skill accepts and ingests data from user-specified public third-party sources (e.g., --source , --endpoint , and The Graph options like --subgraph-id/--graph-key), which the agent reads as part of tokens/pools workflows, exposing it to untrusted external content.