imaging-data-commons

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly queries and ingests public IDC data (e.g., the BigQuery public table bigquery-public-data.idc_current.dicom_all, the IDC REST API at https://api.imaging.datacommons.cancer.gov/, and public GCS buckets like gs://idc-open-data/) as part of its core workflows to select and drive downloads, so untrusted third‑party content can influence subsequent tool use and decisions.