biorxiv-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests public, user-generated preprint metadata and text from the official bioRxiv API (see SKILL.md "Base API: https://api.biorxiv.org/details/biorxiv" and scripts/search.py's fetch_json/build_url logic), and the agent directly reads and uses titles/abstracts/authors to drive matching and subsequent results, so untrusted third-party content can influence its behavior.