aminer-data-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly fetches and ingests public third‑party content from the AMiner Open Platform (datacenter.aminer.cn) as part of its mandatory workflows (see SKILL.md and scripts/aminer_client.py calling /api/* endpoints), and those returned scholar/paper/patent fields are used to drive subsequent API calls and selection logic, so untrusted external data can materially influence agent behavior.