optimizing-defi-yields

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches live data from public third-party APIs (e.g., DeFiLlama's https://yields.llama.fi/pools and CoinGecko) — see protocol_fetcher.py, config/settings.yaml, and SKILL.md — and the agent reads and uses that untrusted external data to calculate APYs, risk scores, and make recommendations, so those external contents can materially influence its decisions.