bioservices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill programmatically fetches and parses data from public third‑party services (e.g., UniProt, KEGG, PSICQUIC, UniChem, ChEMBL) as shown in SKILL.md and the scripts (e.g., scripts/protein_analysis_workflow.py, pathway_analysis.py, compound_cross_reference.py), and that untrusted web content is directly read and used to drive subsequent mapping, BLAST submissions, and analysis steps, so it could enable indirect prompt injection.