get-research-paper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md, workflows/search.md and the per-source docs like sources/google-scholar.md, sources/semantic-scholar.md, sources/pubmed.md and toolchains/arxiv_search.py) explicitly performs WebSearch/WebFetch of public third‑party sites (arXiv, Google Scholar, Semantic Scholar, PubMed, etc.) and ingests their abstracts/metadata which the agent must read and use to rank/summarize papers and drive handoffs, so untrusted third‑party content can materially influence agent behavior.