biopython

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill directly uses Bio.Entrez (e.g., Entrez.esearch / Entrez.efetch for PubMed/GenBank) and Bio.Blast (NCBIWWW.qblast) to download and read public NCBI records and BLAST results, so the agent ingests open, third‑party content (PubMed/GenBank entries and BLAST output) as part of its workflow which could contain untrusted/user‑submitted text.