gate-info-riskcheck

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Execution Workflow (Mode A) explicitly calls info_compliance_check_token_security and info_coin_get_coin_info (SKILL.md — "Step 2: Call 2 MCP Tools in Parallel") to ingest public on‑chain and project data (token metadata, descriptions, listings and risk items) that the LLM directly reads and uses to generate risk decisions, so untrusted, user-controlled third‑party content can materially influence agent behavior.