add-journal

Warn

Audited by Snyk on Apr 22, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's Phase 2 (Path A) explicitly attempts to fetch and parse the user-provided Author Guidelines URL (public journal webpages) and uses that untrusted, third-party content to extract metadata and to determine profile generation and AI-policy behavior, so text on the external page can materially influence the agent's actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill explicitly fetches the user-provided "Author Guidelines URL" at runtime and injects the fetched page as the primary data source that directly controls the generation prompts and the produced profiles; in other words, a URL supplied at runtime is used to steer the agent.

Issues (2)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 22, 2026, 06:26 AM
Issues: 2
Security Audit — snyk — add-journal