defillama-api

Warn

Audited by Snyk on Mar 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and scripts (e.g., scripts/defi_snapshot.py and scripts/price_lookup.py) explicitly fetch and parse data from public DeFiLlama endpoints (https://api.llama.fi, https://coins.llama.fi, https://stablecoins.llama.fi), which are open third-party sources whose responses are read and used to drive sorting/decisions in the agent's workflow, exposing it to possible indirect prompt-injection via untrusted remote content.


Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 21, 2026, 02:35 PM
Issues: 1