dnanexus-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's examples and run/configuration docs show it downloads and processes arbitrary user-uploaded data and external resources (e.g., dxpy.download_dxfile, dxpy.find_data_objects across projects and file_obj.open_file, plus dxapp.json network:["*"] with pip/docker pulls), which clearly ingests untrusted third-party/user-generated content that the agent would read and interpret at runtime.