zinc-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and parses data from public ZINC endpoints (e.g., CartBlanche22 API at https://cartblanche22.docking.org/ and file repository https://files.docking.org/zinc22/) as shown in SKILL.md and references/api_reference.md, and the agent is instructed to read/interpret those results (parse TSV/SMILES/tranche fields) to drive downstream decisions (filtering, selecting compounds, downloading structures), so untrusted third-party content can materially influence tool use and actions.