subsquid

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow shows runtime ingestion of external, untrusted content — e.g., configuring setRpcEndpoint()/setGateway() to read chain data (references/core-evm-processor.md), using squid-evm-typegen to fetch ABIs from Etherscan or arbitrary URLs (references/features-evm-typegen.md), and sqd init accepting GitHub template URLs (references/features-cli.md) — all of which can materially alter decoding and processing behavior.