grants

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly issues external searches and fetches—running Consensus searches (Phase 2A) and POSTing to the public NIH RePORTER API plus fetching NOSI pages from grants.nih.gov—then ingests and uses those public results (Consensus/RePORTER/NOSI) as required inputs to map institutes, pick study sections, and drive mechanism and DOCX-generation decisions, so third-party content can materially influence tool use and next actions.