brenda-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and parses data from the public BRENDA SOAP API (https://www.brenda-enzymes.org/)—see SKILL.md examples using get_km_values, get_reactions, and scripts/brenda_queries—which ingests untrusted third-party enzyme entries that the agent reads and uses to drive analysis and downstream decisions.