data-analysis-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — SKILL.md explicitly instructs fetching and ingesting open third-party content (e.g., "Download latest genome table from Google Sheets", AWS S3 path resolution and validation with aws s3 ls, and using external phylogenetic services like TimeTree/NCBI) which the agent is expected to read and act on to make merging/enrichment/conflict-resolution decisions.