zerion-vaultsfyi-market-intel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and acts on data from the public vaults.fyi MCP (https://mcp.vaults.fyi/mcp) via endpoints like vaults_search, vault_details, benchmark_apy, vault_apy_history and also pulls Zerion positions (e.g., zerion positions <address>), and that untrusted third‑party content is read and interpreted to drive recommendations and next actions in the documented workflow.