defillama-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to connect to DefiLlama's public MCP server at https://mcp.defillama.com/mcp and use tools like get_protocol_info, get_events, and get_market_totals to fetch and interpret public DeFi data (including protocol metadata and event descriptions) from a third-party website, which is untrusted public content that could influence agent decisions.