solscan-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's CLI and SKILL.md explicitly call the public Solscan Pro API (base URL https://pro-api.solscan.io/v2.0) — e.g., endpoints like /account/metadata, /transaction/actions, /nft/news — which return public, user-generated on-chain metadata and feeds that the agent ingests and can materially influence subsequent decisions and tool use.