zerion-vaultsfyi-strategist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests data from public third-party endpoints (e.g., vaults.fyi MCP v2 at https://mcp.vaults.fyi/mcp via calls like vault_apy_history, vault_history, vault_returns and Zerion API calls such as zerion portfolio/positions) as required by the SKILL.md workflow, and that untrusted public data is read and used to drive backtests, recommendations, and decisions.