tooluniverse-chemical-safety

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The required runtime workflow calls multiple external database tools (e.g., PubChem_get_CID_by_compound_name / PubChem_get_compound_properties_by_CID, CTD_get_chemical_gene_interactions / CTD_get_chemical_diseases, FDA_get_* and DrugBank/STITCH/ChEMBL tools) that return free-text fields from third-party sources; those returned texts are then inserted into the agent’s generated markdown report and thus into the LLM context, creating an indirect prompt-injection surface from outsider-authored content.