aicoin-hyperliquid

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required runtime workflow (SKILL.md and the scripts in scripts/hl-market.mjs and scripts/hl-trader.mjs) calls the public AiCoin/Hyperliquid Open API (lib/aicoin-api.mjs -> BASE https://open.aicoin.com) to ingest live market/trader/whale event data and free-text error/msg fields (e.g., msg / 实测结论) that the agent is expected to read and act on, so untrusted third-party content can materially influence agent behavior.