quote

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly performs WebFetch calls to public third‑party APIs (e.g., the KyberSwap Token API and honeypot/FOT API, the aggregator-api.kyberswap.com routes endpoint, and CoinGecko as a fallback) as required workflow steps and uses those JSON responses to determine token addresses, route selection, quoted amounts, and safety warnings, so external content can materially influence agent decisions.