mantle

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The mantle-data-indexer skill explicitly requires calling external indexer endpoints (skills/mantle-data-indexer/SKILL.md) via commands like "mantle-cli indexer subgraph --endpoint --query --json" where arbitrary/public endpoint URLs (user-supplied) are executed and their query results are consumed to drive analytics and decisions, exposing the agent to untrusted third‑party content that can influence subsequent actions.