nfl-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly calls ESPN public endpoints (see SKILL.md and references/api-reference.md) — e.g., get_news, get_play_by_play, get_game_summary, get_schedule — which ingest and have the agent read arbitrary public/third-party content (articles, play descriptions, event data) that the agent uses to drive further calls and responses, so untrusted external content could indirectly inject instructions.