mtga-draft-helper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public third-party data (e.g., the 17Lands card ratings API at https://www.17lands.com/card_ratings/data and Scryfall/set pages) as described in SKILL.md and references/17lands-api.md, and the agent is required to read and use that data to drive pick recommendations and deck-building decisions—so external, untrusted web content can materially influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill fetches live 17Lands JSON data at runtime (e.g., https://www.17lands.com/card_ratings/data and https://www.17lands.com/color_ratings/data), and those responses are directly used to generate pick recommendations and deck-building instructions, so external content controls the agent's prompts and is a required dependency.