stock-data-verifier

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires the agent to call web-search tools (mcp_exa_web_search_exa / mcp_websearch_web_search_exa) to fetch and extract "original_text" from public third‑party sites (e.g., finance.naver.com, krx.co.kr, finance.yahoo.com, seekingalpha.com, etf.com, etc.), and those fetched texts are used to compute/verify values and drive verified/FAIL decisions, so untrusted web content can materially influence agent behavior.