polymarket

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches public, user-generated market data from Polymarket APIs (GAMMA_API, CLOB_API, DATA_API in client.py) and the SKILL.md/tool workflows (e.g., polymarket_search, polymarket_event, polymarket_trades, polymarket_leaderboard) require the agent to read and act on those market/event/trade/description fields, so untrusted third‑party content could influence subsequent tool use or decisions.