tooluniverse-pathway-disease-genetics

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly instructs the agent to fetch and ingest data from public third‑party sources (e.g., GWAS Catalog via gwas_search_associations/gwas_get_variants_for_trait, Open Targets via OpenTargets_* tools, GTEx via GTEx_query_eqtl, Reactome/KEGG via ReactomeContent_search/kegg_search_pathway, DGIdb/STRING/PANTHER), and that externally sourced content is interpreted and used to drive downstream decisions and tool actions, which could enable indirect prompt injection.