compute

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly references obtaining match data from public providers and notes Understat is "available via web scraping per match," meaning the skill expects to fetch and ingest open web content (Understat/public provider pages) as part of its workflow, exposing the agent to untrusted third-party pages.