opentargets-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly fetches data from the public Open Targets GraphQL API (BASE_URL https://api.platform.opentargets.org/api/v4/graphql) via scripts/query_opentargets.py and SKILL.md (including the custom-query subcommand), and the agent is expected to read and act on those API responses as part of its workflow, so untrusted third‑party content could indirectly influence actions.