citrea-claw-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill directly reads public on-chain data (via the Citrea RPC endpoint https://rpc.mainnet.citrea.xyz and RedStone on-chain feeds) and DEX factory logs (client.getLogs in src/commands/pools.js and readContract calls across src/) — untrusted, user-generated blockchain content that the code parses to detect arbitrage and trigger actions (e.g., sendTelegram), so third-party content materially influences decisions and tool use.