tooluniverse-adverse-outcome-pathway

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests data from public third-party databases (AOPWiki, PubChem/PubChemTox, and CTD) as shown in the SKILL.md workflow (e.g., AOPWiki_list_aops/AOPWiki_get_aop, PubChemTox_get_, CTD_get_) and uses returned stressors, classifications, and gene/disease associations to drive selection and downstream actions, so untrusted external content can materially influence the agent's decisions.