tooluniverse-epidemiological-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and ingest public third‑party content (e.g., download_and_parse using requests.get(url), API pagination for GDC/ClinicalTrials.gov, and execute_tool("PubMed_search_articles"/"EuropePMC_search_articles")) and to read and act on those results as part of the analysis workflow, so untrusted web content could materially influence tool use and decisions.