pubfi-crypto-project-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to pull and interpret live data from public third-party sources — e.g., CoinGecko and DefiLlama APIs, Dune/Flipside dashboards, governance forums/blogs, and explorer pages like Etherscan — which are open/public and can include untrusted or user-generated content that the agent will read as part of its workflow.