tooluniverse-variant-interpretation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow and code examples (Phase 2 and Phase 5 in SKILL.md and the CHECKLIST) explicitly fetch and ingest public third‑party content — e.g., ClinVar, gnomAD, PubMed/EuropePMC (bioRxiv/medRxiv), COSMIC, DisGeNET, ENCODE/ChIPAtlas, PDB/AlphaFold — and the agent is expected to read and interpret that data to apply ACMG evidence and drive clinical recommendations, so untrusted external content could materially influence tool use and decisions.