pubfi-wallet-portfolio-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and consumes data from public third-party sources—Zerion API (via zerion-portfolio.py) for wallet positions and explicitly DefiLlama (api.llama.fi) and rekt.news for protocol info/incidents—and the agent reads and interprets that untrusted external content to calculate risk and generate reports, creating an avenue for indirect prompt injection.