tooluniverse-drug-drug-interaction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow and scripts (e.g., SKILL.md and ddi_pipeline.py) explicitly call public third-party sources—DrugBank, PubMed, DailyMed (FDA labels), FAERS, RxNorm, etc.—and ingest and interpret that untrusted, user-accessible content to drive risk scoring and clinical recommendations, so external content can materially influence agent actions.