football-betting-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill requires running build_match_context.py which scrapes and ingests public FlashScore content (e.g., final_context.preview from FlashScore DOM and Get_Match_Commentary/other MCP endpoints) and the model is explicitly instructed to read and use those fields in its 8-layer analysis, so untrusted third-party page text could plausibly influence decisions and tool-driven outputs.