tooluniverse-adverse-outcome-pathway

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The required runtime workflow calls multiple external knowledge-base tools (e.g., AOPWiki_get_aop, PubChemTox_get_*, CTD_get_*) that return narrative/field text authored by third parties (public community/vendor databases), which the agent then places into the LLM context as tool results—an outsider-authored free-text ingestion path.