ena-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill programmatically fetches public, user-submitted ENA records and files via the ENA Portal and Browser APIs and FTP (e.g., https://www.ebi.ac.uk/ena/portal/api and https://www.ebi.ac.uk/ena/browser/api), and the agent is expected to read and parse that external metadata and sequence files as part of its workflow, exposing it to untrusted third‑party content.