balance-sheet-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Data Fetching Process in SKILL.md explicitly instructs the agent to fetch public third-party sources—https://www.sec.gov/files/company_tickers.json, the SEC EDGAR XBRL companyfacts JSON, and fallback pages on https://stockanalysis.com—which the agent ingests and uses to drive analysis and derived actions, exposing it to untrusted public web content that could carry indirect prompt-injection risks.