tooluniverse-binder-discovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory workflow explicitly instructs the agent to fetch and ingest content from public third‑party sources (e.g., ChEMBL, PubChem BioAssay, BindingDB, PubMed/BioRxiv, Thera‑SAbDab, GPCRdb, EMDB/PDB) and to interpret that information to drive decisions (candidate prioritization, docking, recommendations), which exposes it to untrusted user-generated or public web content that could carry indirect prompt-injection instructions.