matchms

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests public, potentially user-generated spectral data (e.g., load_from_usi for GNPS USI references and load_from_json/GNPS JSON, as well as loading MGF/MSP/mzML files from arbitrary file/URL sources), so the agent would fetch and parse untrusted third‑party content as part of its workflow.