fda-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill directly queries and ingests public openFDA API data (e.g., https://api.fda.gov/* as shown in SKILL.md and scripts/fda_query.py / scripts/fda_examples.py), which includes user- and reporter-submitted free-text records (adverse events, recalls, labels) that the agent reads and uses to drive analysis and decisions, so untrusted third-party content could indirectly inject instructions.