tooluniverse-drug-drug-interaction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's pipeline and SKILL.md explicitly call and ingest open/public third-party sources (e.g., DrugBank, PubMed, DailyMed/FDA labels, FAERS, RxNorm via ToolUniverse calls in ddi_pipeline.py and examples) and uses those external results to compute risk scores and drive clinical recommendations, so untrusted web/third‑party content can materially influence agent decisions.