wnba-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly ingests content from ESPN public endpoints (see SKILL.md "WNBA data via ESPN public endpoints" and commands like get_news and get_play_by_play), meaning the agent reads open/public third‑party pages/articles and play descriptions as part of its workflow, which could allow indirect prompt injection from that untrusted external content.