financial-intel

Warn

Audited by Snyk on Feb 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill makes outbound requests to the public Banana Farmer API (e.g., scripts/bf-lookup.py calls /signals/{sym} and scripts/bf-watchlist.py calls /content/watchlist). Those responses explicitly include social sentiment and user-driven content: the README cites Reddit and X mentions, and the code surfaces social/bullCase/bearCase/driver/watchlist reason fields. As a result, the agent will read and interpret untrusted, third-party/user-generated content at runtime.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 14, 2026, 02:12 PM