stock-portfolio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill imports and passes src.data.yahoo_client (e.g., yahoo_client.get_stock_info, get_price_history, get_macro_indicators) into core functions and calls (snapshot, health, forecast, rebalance, analyze, backtest), which clearly fetch public third‑party market/news/sentiment data and those results are used to drive forecasts, rebalancing and other decision-making.