ena-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches public, user-submitted records and free-text metadata from the European Nucleotide Archive via its Portal/Browser APIs and FTP/Aspera endpoints (e.g., https://www.ebi.ac.uk/ena/portal/api, https://www.ebi.ac.uk/ena/browser/api, ftp://ftp.sra.ebi.ac.uk), which the agent is expected to retrieve and parse, exposing it to untrusted third-party content that could carry indirect prompt injection.