dbsnp-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly fetches and parses public, third-party dbSNP content from NCBI E-utilities (https://eutils.ncbi.nlm.nih.gov/entrez/eutils) and the NCBI Variation Services REST API (https://api.ncbi.nlm.nih.gov/variation/v0) as shown throughout SKILL.md, and those external records (public/user-submitted data like clinical_significance/annotations) are read and used to drive annotation and downstream decisions, creating a clear exposure to untrusted third-party content that could influence agent behavior.