paper-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the tool to fetch and ingest results, abstracts and PDFs from public third‑party sources (e.g., OpenAlex, Semantic Scholar, arXiv, PubMed, Google Scholar, CNKI, WoS) via search commands and WebBridge/browser flows, so untrusted web content is read and used to drive subsequent actions (searching, downloading, exporting, and choosing follow‑ups).