israeli-bank-connector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly uses israeli-bank-mcp / israeli-bank-scrapers (headless browser scraping) to fetch transaction data from banks and credit-card provider websites (see SKILL.md "Direct scraper integration" and the "Gotchas" note), and the agent is required to read and act on that third-party web content to categorize transactions, detect recurring charges, and drive exports—exposing it to untrusted public web content that can influence behavior.