target-based-lead-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls a web search tool (TOOLS["web_search"]) in Phase 1 (Target Identification) — as shown in SKILL.md and examples/basic_example.py — to fetch open-web PDB/literature results which the agent parses to choose PDB IDs and define binding pockets, so untrusted third-party content is ingested and directly influences downstream decisions and tool use.