tooluniverse-gwas-finemapping

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly queries public third‑party sources (Open Targets Genetics and the GWAS Catalog) via ToolUniverse calls (e.g., OpenTargets_get_study_credible_sets, OpenTargets_search_gwas_studies_by_disease, gwas_search_studies / gwas_get_snp_by_id) in python_implementation.py and the SKILL.md/QUICK_START examples, and it consumes and interprets returned trait/study/variant text and L2G/credible‑set data to drive prioritization and validation decisions, so external untrusted content can materially influence agent behavior.