whale-watcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly says the agent fetches on-chain block/transaction data via RPC and public block explorer APIs (Etherscan, BSCScan), i.e., public user-generated transaction data that the agent reads and uses to drive alerts/summaries, so untrusted third-party content could indirectly influence behavior.