tooluniverse-chemical-compound-retrieval

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Phase 2: Data Retrieval (Internal)" explicitly instructs the agent to fetch and interpret data from public third‑party databases PubChem and ChEMBL (e.g., PubChem_get_compound_properties_by_CID, ChEMBL_get_bioactivity_by_chemblid), and that external content is used to drive bioactivity/target interpretation and reporting, so untrusted third‑party content can materially influence actions.