mouse-phenome-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill repeatedly fetches and ingests data from the public MPD REST API (https://phenome.jax.org/api — e.g., /project, /pheno/query, /measurement/{measnum}, /project/{id}/data, /strain/{name}), including free-text project titles/descriptions and protocol metadata that the agent is expected to read and use to choose strains and drive analyses, which creates a clear vector for indirect prompt injection from external, third-party content.