academic-research-hub

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests public third‑party content from arXiv, PubMed, and Semantic Scholar (see SKILL.md and the scripts/research.py functions search_arxiv, search_pubmed, search_semantic and download_arxiv_papers), and those external abstracts/PDFs/metadata are parsed and used to drive formatting, downloads, and outputs, so untrusted external text can materially influence the agent's behavior.