yield-strategy-advisor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (SKILL.md Step 2 and examples) explicitly fetches live, public data from api.barker.money (GET https://api.barker.money/api/public/v1/defi/vaults...) and consumes protocol names, APYs, and other user-generated public-market data to make allocation and action decisions, so untrusted third‑party content can influence tool behavior.