clinvar-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md and references (e.g., references/api_reference.md) explicitly instruct the agent to fetch and ingest public ClinVar data via NCBI E-utilities (https://eutils.ncbi.nlm.nih.gov/...) and the public FTP (ftp://ftp.ncbi.nlm.nih.gov/pub/clinvar/), which are public, submitter-sourced records (SCV/VCV/RCV) that the skill expects the agent to read and use to annotate and make decisions about variant significance, so untrusted third‑party content can materially influence behavior.