biopython

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to use Bio.Entrez and NCBIWWW.qblast to search and fetch records from public NCBI resources (PubMed, GenBank, Protein, etc.) and then parse and act on those fetched records (e.g., fetch sequences and top BLAST hits), which exposes the agent to untrusted third-party content from public databases that can influence subsequent tool use.