tooluniverse-epigenomics

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls ToolUniverse tools to fetch and ingest public third-party datasets (e.g., ENCODE_search_experiments, GEO_search_*, SRA_search_experiments, ensembl_get_regulatory_features, ChIPAtlas_get_experiments) as shown in SKILL.md Phase 6, CODE_REFERENCE.md and TOOLS_REFERENCE.md, and those untrusted public results are read and used to drive annotation, fallbacks, and downstream analysis decisions—meeting the criteria for indirect prompt-injection exposure.