single-cell-annotation-skills-with-omicverse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to download and ingest public third‑party resources (e.g., Figshare datasets like TiME_adata_scvi.h5ad, SCSA DB from Figshare/Drive, and the Cell Ontology JSON via http://purl.obolibrary.org/obo/cl/cl.json and Cell_Taxonomy_resource.txt) and then uses those files to drive annotation/mapping decisions, so untrusted public content can materially influence tool behavior.