israeli-bank-reconciliation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md Step 3 and the provided fetchTransactions code) explicitly scrapes/fetches transactions from third-party bank websites using the open-source israeli-bank-scrapers library, and those scraped records are directly read and used by the matching engine to drive reconciliation decisions, so untrusted third-party content can materially influence agent actions.