paper-lookup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill will call public scholarly APIs (e.g., CORE/Unpaywall/Crossref/Semantic Scholar/OpenAlex) and then feed the returned fields—such as abstracts/full-text snippets and HTML-containing metadata—into the agent’s LLM context; these texts are authored by third parties (outsider sources) and are ingested as readable prose/markup from runtime API responses.