matchms

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill imports and processes spectra from public, third-party sources (e.g., load_from_usi and GNPS/GNPS JSON references) and also fetches chemical annotations from PubChem via derive_annotation_from_compound_name, so the agent would read and interpret untrusted external content as part of its workflow.