get-token-metadata

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's get_token_metadata (per SKILL.md) pulls public Art Blocks token fields—project.description, website, liveViewUrl, imageUrl, etc.—from open, artist/user-provided metadata and the agent is expected to read and present those untrusted third-party contents which could influence follow-up actions.