ibd-distribution-day-monitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches OHLCV data from the public FinancialModelingPrep API (see scripts/fmp_client.py and data_loader.fetch_ohlcv called in SKILL.md step 1), and that untrusted third‑party data is read and directly drives the distribution‑day detection and portfolio recommendation logic, so external content can materially influence actions.