nansen-web-fetch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill's SKILL.md explicitly instructs the agent to fetch and analyze arbitrary public URLs provided as positional args or via the --url flag (e.g., "nansen web fetch https://nansen.ai"), so it ingests untrusted third-party web content that the agent reads and can influence its outputs/actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill fetches arbitrary user-supplied URLs at runtime (e.g., https://nansen.ai or any --url provided) and injects the retrieved page content directly into the model context to drive answers, so fetched remote content can directly control prompts.