clinicaltrials-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's core workflow (see SKILL.md and scripts/query_clinicaltrials.py) directly fetches public, user-submitted study data from the ClinicalTrials.gov API endpoints (e.g., https://clinicaltrials.gov/api/v2/studies and /studies/{NCT_ID}) and reads free-text fields (CommonMark) like summaries and eligibility that the agent uses for matching/decision-making, so untrusted third-party content can influence actions.