hugging-face-paper-publisher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's CLI and scripts (scripts/paper_manager.py) fetch and parse public third-party content—requests to https://huggingface.co/papers/{arxiv-id}, the arXiv API, and downloaded README.md files via hf_hub_download—and the agent reads and uses that data to decide indexing/linking actions and to modify/upload repository READMEs, so untrusted user-generated web content can materially influence its behavior.