monetize-agent-responses

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill calls operon.getPlacement against the Operon API (https://api.operon.so) and returns advertiser-supplied placement content (result.placement) which the agent is instructed to render alongside its primary answer, so untrusted third‑party content from the Operon endpoint is fetched and can influence agent outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill initializes the SDK with and calls the runtime API at https://api.operon.so (via operon.getPlacement), which injects remote placement content directly into agent responses, so this external URL can control the agent's output at runtime.