tooluniverse-target-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests content from open/public third-party sources (e.g., OpenTargets_get_publications_by_target_ensemblId in PATH 0 and PubMed/EuropePMC search calls in PATH 8), requires the agent to read and interpret those results as part of its mandatory workflow, and uses that external content to grade evidence and drive recommendations, so it exposes the agent to untrusted third‑party content that could enable indirect prompt injection.