tooluniverse-data-integration-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to search and synthesize evidence from open/public third‑party databases (e.g., PubMed/EuropePMC, GWAS Catalog/OpenTargets, KEGG/Reactome/WikiPathways, STRING/BioGRID, ClinVar, DGIdb/ChEMBL, ClinicalTrials.gov), and that retrieved content is used to drive interpretation, grading, and next actions, so external content can materially influence tool use and decisions.