analyzing-nft-rarity

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests public, user-generated NFT metadata from third‑party sources (OpenSea API, Alchemy NFT API, and IPFS gateways) as shown in SKILL.md and implemented in scripts/metadata_fetcher.py (_fetch_with_ipfs_fallback, fetch_collection_opensea, fetch_token_metadata), and that untrusted content is parsed and used to compute rarity scores which directly affect rankings/decisions.