market-overview

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The skill ingests outsider-authored free text from third-party marketplace/search APIs at runtime—e.g., Amazon/eBay/Walmart product titles/brand names and ABA “clickedItemName” are returned as strings by call_api()/js_api_call() and then embedded into the LLM context via the generated report/insights and chart labels (e.g., analyze_amazon() → top_brands/products, _fetch_aba_data() → top_asins[].title, and generate_chart_analysis()/generate_charts() use these strings).