tooluniverse-clinical-trial-matching

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly searches and ingests open public content—notably ClinicalTrials.gov eligibility texts, trial descriptions and locations via search_clinical_trials/get_clinical_trial_eligibility_criteria/get_clinical_trial_descriptions, and literature/databases like PubMed, CIViC, OpenTargets and DrugBank—then parses and acts on that untrusted, third-party text to score and recommend trials, so external content can materially influence agent decisions.