gmgn-market

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow's "Step 1 — Fetch trending data" explicitly instructs the agent to call gmgn-cli (npx gmgn-cli market trending --raw) to ingest public GMGN trending/token data from a third-party API and then analyze those records to drive selections and potential swaps, so untrusted external content directly influences decisions and tool use.