tooluniverse-immunology

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and interpret content from public third‑party databases (e.g., SAbDab_search_structures returning a browse URL, IEDB search tools, IntAct/BioGRID PPI queries, FAERS and clinical trials searches) and to use those results to drive analysis and follow-up actions, which exposes the agent to untrusted external content that could carry indirect prompt injection.