tooluniverse-pharmacovigilance

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly requires querying and ingesting open/public third‑party sources (e.g., FAERS via FAERS_count_reactions_by_drug_event, DailyMed_get_spl_by_set_id, PharmGKB_search_drug, PubMed/BioRxiv/MedRxiv searches) and uses those results to compute signals and drive recommendations, so untrusted public content is read and can materially influence agent decisions.