nansen-defi-positions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly instructs running Nansen CLI commands (e.g., "nansen research portfolio defi --wallet $ADDR" and "nansen research profiler balance --address ...") to fetch public on-chain/protocol data from a third-party service that the agent will read and use, so it ingests untrusted public content that could influence decisions.