create-grant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs the agent to fetch and parse data from public Karma API endpoints (e.g., ${BASE_URL}/communities/${COMMUNITY_SLUG_OR_UID}/programs and /v2/projects) and to use those user-generated program/project/community fields (programId, projectUID, communityUID) to decide and perform grant-creation actions, so untrusted third-party content could materially influence the agent's decisions.