etf-premium
Warn
Audited by Snyk on Apr 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches ETF market prices and NAVs from Yahoo Finance via the yfinance library (see SKILL.md and code snippets using yf.Ticker().info and navPrice), and the agent reads and interprets those public third-party values to compute premiums/discounts and drive analysis, so untrusted external content can materially influence its behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill executes a runtime pip install for yfinance (which is fetched from PyPI — e.g. https://pypi.org/project/yfinance) and then imports/uses that package, meaning remote code is fetched and executed at runtime as a required dependency.
Issues (2)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
W012
MEDIUM Unverifiable external dependency detected (runtime URL that controls agent).