rebuttal-strategist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests public OpenReview content (see Step 2 and references/openreview-protocol.md, including the OpenReview API URL), and requires the agent to read and act on reviewer text to build rebuttal plans and decide experiments, so untrusted third‑party reviewer content can materially influence actions.