meta-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and ingest open/public third‑party content (e.g., using /search-lit to query PubMed/Embase/Cochrane and /fulltext-retrieval to download full-text PDFs, plus WebPlotDigitizer for digitising published KM curves) and to read/interpret those materials as part of screening, extraction, and analysis, so untrusted external content can materially influence tool use and decisions.