pubchem-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and processes public PubChem content—including PUG-View "Third-Party Annotations & Text" and arbitrary PUG-REST paths via scripts/pubchem_api.py (safety(), pharmacology(), view(), query()) and references/endpoints.md—and the workflows require reading and synthesizing that returned text into reports and decisions, so untrusted third‑party text could influence agent behavior.