longbridge-defi-yield

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow step 3 explicitly requires the agent to fetch DeFi protocol data via WebSearch from third-party public sites (DefiLlama, CoinGecko, and protocol dashboards), which the agent must read and use to compute risk-adjusted yields and drive its decisions—exposing it to untrusted external content that could supply indirect instructions.