geoscience-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md files explicitly show runtime ingestion of open public datasets (e.g., pangaea-data-api calling https://www.pangaea.de/ and download URLs, climate-modeling-guide opening the CMIP6 Pangeo catalog at https://storage.googleapis.com/cmip6/pangeo-cmip6.json, satellite-remote-sensing using the Microsoft Planetary Computer STAC, gis-remote-sensing using Google Earth Engine, and seismology-data-guide using IRIS/USGS FDSN) so the agent is expected to read/interpret arbitrary third-party content which could materially influence analysis or actions, enabling indirect prompt injection risk.