contract-decode

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (Step 3: External API Query in SKILL.md and the referenced references/apis.md) explicitly instructs the agent to fetch ABIs and selector/signature data from public services (Sourcify, Etherscan, 4byte.directory), which are open, user-submitted/untrusted sources whose returned content is parsed and used to drive decoding decisions and follow-up actions.