tooluniverse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the agent invoking public third‑party databases and tools (e.g., OpenTargets, PubChem, UniProt, PDB, ChEMBL, ZINC) via tu.run (examples like OpenTargets_get_associated_targets_by_disease_efoId, AlphaFold_get_structure, ZINC_virtual_screening), which ingests external content that the agent reads and uses to drive subsequent tool choices and workflow decisions.