tooluniverse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and interprets open public data from third‑party databases and APIs (e.g., OpenTargets, PubChem, UniProt, PDB, ChEMBL, ZINC and literature searches) as part of its workflows, so the agent will read/interpret untrusted external content that could carry indirect prompt injection.