ipd-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly calls the public IPD API (base_url "https://www.ebi.ac.uk/cgi-bin/ipd/api" per SKILL.md) using scripts/rest_request.py which fetches and parses remote JSON/text responses and returns compact summaries that the agent reads and uses, so untrusted third-party content from that API can directly influence agent outputs and behavior.