openclaw-tradingview-quant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and interpret financial news from the TradingView Data API (e.g., /api/news per references/api-documentation.md) and workflows such as workflows/deep-stock-analysis.md and workflows/event-analysis.md call tradingview_get_news and tradingview_get_news_detail to use that third‑party news to drive analysis and trading recommendations, which allows untrusted external content to materially influence actions.