yahoo-finance-2

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's SKILL.md explicitly instructs using the yahoo-finance2 CLI (e.g., commands like "yf quote AAPL" and "yf quoteSummary ...") to fetch live JSON data from Yahoo Finance, a public third-party site, which the agent reads and uses to answer/drive decisions, so untrusted external content could influence actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt includes a direct sudo command to create a symlink in /usr/local/bin (sudo ln -s ...), which requires elevated privileges and modifies system-level files, so it instructs changing the machine state with root access.