finnhub

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly exposes fetching public third‑party content (e.g., "Get Company News", "Get General News", "Transcripts"/"Transcript Sentiment" and the "Proxy requests" to Finnhub API) via Membrane, so the agent will read untrusted external news/transcript content that can influence its decisions or subsequent actions.