pride-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly queries the public PRIDE Archive REST API (https://www.ebi.ac.uk/pride/ws/archive/v2/) and ingests project metadata, file lists, peptide/PSM records and download URLs (e.g., get_project, get_project_files, get_peptides, build_download_manifest) — all public, user-submitted content that the agent parses and uses to decide downloads and next actions, so it exposes the agent to untrusted third‑party content.