bioservices-multi-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md core API and workflows clearly show the agent programmatically fetching and parsing public third‑party web services (e.g., UniProt, KEGG, ChEMBL, ChEBI, PSICQUIC, QuickGO, NCBIblast) and using those responses (parsed entries, mappings, KGML, interaction tables) to drive subsequent mapping, queries, and decision steps (e.g., analyze_protein, search_compound), exposing it to untrusted public web content that could carry indirect prompt injection.