vectorbt-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests data from public third-party sources (e.g., OpenAlgo client.history, yfinance downloads, CCXT exchange.fetch_ohlcv, and a custom provider via requests in rules/data-fetching.md and SKILL.md), and that untrusted market data is parsed and used directly to generate indicators, signals, and backtest decisions—so external content can materially influence tool behavior.