portal-dataset-discovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's workflow (SKILL.md) explicitly instructs the agent to fetch and read public resources—e.g., https://github.com/subsquid/sqd-portal/blob/master/resources/schemas.json and https://portal.sqd.dev/datasets/{dataset-name}/metadata—to verify dataset names, so external, public web content is read and directly influences subsequent query actions.