emerging-movers

Warn

Audited by Snyk on Apr 1, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill calls an external Senpi API: scripts/emerging-movers.py makes a subprocess call to "senpi leaderboard_get_markets", and the SKILL.md architecture states "Fetches leaderboard (1 API call)". The skill ingests untrusted/user-driven market leaderboard data and uses those results directly to set isImmediate alerts and trading actions, so third‑party content materially influences agent decisions.

Issues (1)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 1, 2026, 01:54 AM
Issues: 1