niche-evaluator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill’s runtime workflow calls multiple outsider-provided data endpoints (e.g., /api/v1/tools/linkfox/amazon/search, /googleTrend/getTrendByKeys, /keepa/productSeries, /ebay/search, /echotik/listProduct) and then embeds returned fields (including free-text like product titles/ASIN-related identifiers) into the JSON result that is later rendered/used for chart labels and LLM context; these are outsider-authored marketplace/web-derived contents.