platon-blockscout

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly fetches data from public Blockscout endpoints (see scripts/lib/client.ts and NETWORKS base URLs pointing to https://blockscout.platon.network, and scripts/blockscout.ts which invokes commands like inspect-contract and get-contract-abi), and those commands (e.g., inspect-contract) ingest and return user-submitted contract source_code and other public explorer content that the agent is expected to read and summarize, so untrusted third-party content can influence agent outputs and subsequent behavior.