dune

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and parse live, third‑party Dune content (e.g., using dune dataset search / dune dataset search-by-contract and dune docs search in SKILL.md and references/dataset-discovery.md / references/docs-and-usage.md) including community-contributed and uploaded tables and query results (result.metadata.column_names) which the agent must read and use to build SQL, visualizations, and dashboard updates — meeting the conditions for untrusted, user-generated content that can materially change agent actions.