clinvar-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and parse public ClinVar content (via the NCBI web interface and E-utilities API and FTP at ftp://ftp.ncbi.nlm.nih.gov/pub/clinvar/), which includes submitter-provided, public/untrusted variant records that the agent is expected to read and use to drive filtering/annotation decisions—meeting the criteria for exposure to untrusted third-party content.