tooluniverse-precision-medicine-stratification

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly calls and interprets open/public third‑party sources (e.g., Phase 2 uses clinvar_search_variants and EnsemblVEP, Phase 4 uses PharmGKB and fda_pharmacogenomic_biomarkers, Phase 7 uses PubMed_Guidelines_Search, Phase 8 uses clinical_trials_search and OpenTargets/drugbank), and those external, publicly‑sourced results are read and used to drive scoring and treatment decisions — meeting the criteria for exposure to untrusted third‑party content that can influence agent actions.