hypogenic

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). Outsider free text can be ingested when using HypoRefine/Union: the runtime reads and converts user-supplied PDF papers from literature/YOUR_TASK_NAME/raw/ via GROBID (pdf_preprocess.py), and the extracted paper text is then fed into LLM prompts for hypothesis generation.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly instructs cloning and running scripts from the GitHub repository https://github.com/ChicagoHAI/hypothesis-generation (e.g., git clone ... and bash ./modules/setup_grobid.sh / bash ./modules/run_grobid.sh), which fetches remote code and executes it at runtime for literature processing, so this is a runtime external dependency that executes remote code.