account-opening-compliance

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly requires automated ingestion and interpretation of third-party vendor APIs and public data feeds (e.g., identity verification vendors, OFAC/SDN downloadable lists, PEP databases, and adverse media feeds) and uses those results to halt, route, or approve applications, thereby exposing the workflow to untrusted external content that can influence actions.