turbo-transforms

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly documents and demonstrates the fetch_abi(url, format) function (see SKILL.md "Key SQL Functions" and references/sql-functions.md) and shows using its output as the ABI/IDL input to decoding functions like _gs_log_decode/_gs_decode_instruction_data, which means arbitrary public URLs can be fetched at runtime and their untrusted JSON can be interpreted by transforms and materially change decoding and downstream behavior.