whale-tracking

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and parses public on-chain and third‑party API data (Helius, Solana RPC, SolanaTracker, Birdeye) — e.g., get_wallet_transactions in scripts/track_whales.py and fetch_wallet_transactions/parse_transaction_to_alert in scripts/whale_alerts.py and the SKILL.md webhook sections — and treats transaction/description/token-transfer fields as inputs that drive classification and alerting, so untrusted public content can materially influence agent behavior.