pubchem-pug-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill makes required runtime REST calls to the public PubChem API (base_url=https://pubchem.ncbi.nlm.nih.gov/rest/pug) via scripts/rest_request.py and SKILL.md instructs the agent to parse and summarize the returned JSON, meaning third‑party public content can influence the agent's decisions and actions.