tooluniverse-variant-functional-annotation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow explicitly calls public third‑party data sources—e.g., Phase 1 ProtVar_get_population, Phase 3b OpenCRAVAT_annotate_variant, and Phase 4 ClinVar_search_variants/ClinVar_get_variant_details—and requires the agent to read and integrate those public/user‑submitted database entries into decision-making, so untrusted external content can materially influence tool use and next actions.