bgpt-paper-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill’s runtime workflow calls a remote MCP server (BGPT at https://bgpt.pro/mcp/sse) to fetch and return paper-derived structured text (methods/results/metadata) from a curated database, which is outsider-authored scientific content not written by the operating user.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires a runtime connection to the remote MCP server endpoints (e.g., https://bgpt.pro/mcp/sse and https://bgpt.pro/mcp) which supply the tool behavior and responses that directly control agent instructions and are a required dependency.