portal-query

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to POST to public Portal endpoints (e.g., "POST https://portal.sqd.dev/datasets/{dataset-name}/stream" in Step 3 and the "Response Format" section) to ingest on-chain logs/transactions/instructions — public, user-generated blockchain data that the agent is expected to parse and that can materially influence subsequent tool use and decisions.