biomni

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and queries public third‑party biomedical data and literature (see "Data Integration" in SKILL.md and LiteratureDB in references/api_reference.md) and can also invoke external MCP web-search servers (references/api_reference.md -> MCP Server Integration and references/llm_providers.md), so the agent ingests untrusted public content that can materially influence its autonomous analysis and code execution.