visual-tx

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow explicitly fetches and ingests JSON from the public API "https://mevscan.matroos.xyz/api/tree/<tx_hash>" (SKILL.md step 1) and then parses that untrusted third‑party trace data to drive parsing, visualization choices (nested tree vs Mermaid), and subsequent rendering/behavior, so external content can materially influence the agent's actions.