research-router-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly directs the router to gather and synthesize evidence by invoking downstream public data skills (e.g., ncbi-entrez-skill, ncbi-pmc-skill, biorxiv-skill, pubchem-pug-skill and other public database skills listed under "Entity Normalization" and "literature and dataset discovery"), meaning the agent will fetch and interpret untrusted public third‑party content that can influence tool selection and final actions.