ccdb

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill directly queries a public third‑party API (https://gateway.carbonstop.com/management/system/website/searchFactorDataMcp) via scripts/ccdb-search.mjs and SKILL.md describes consuming and interpreting the returned JSON rows (including name, description, specification) to drive calculations and decisions, so untrusted external content can materially influence the agent's actions.