asta-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill instructs the agent to call the public Asta MCP endpoint (https://asta-tools.allen.ai/mcp/v1) and use tools like snippet_search and get_paper to ingest ~500-word paper excerpts and metadata from the public Semantic Scholar corpus, and those third‑party texts are read and used to drive follow-up tool calls and decisions in required workflow steps, so untrusted external content can materially influence agent behavior.