pine-visualizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill automatically fetches and analyzes user-provided YouTube videos (metadata and transcripts via YouTube captions or Whisper) so the agent ingests and interprets public, user-generated content from YouTube, which could carry indirect prompt injection.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly focused on trading strategy implementation and repeatedly extracts entry/exit conditions and risk-management rules. Its examples and implementation steps specifically call out strategy.entry() (i.e., placing strategy orders) and “Strategy entry commands” / “positions” and produce concrete specifications for automated trading logic. This is not a generic analysis tool — it is purpose-built for financial trading and includes functions that map directly to placing market orders in Pine Script, thereby enabling direct financial execution when implemented. Therefore it meets the "market orders / buying-selling assets" criterion.