eli5

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly tells the agent to "Use alpha first when the user names a specific paper, arXiv id, DOI, or paper URL," which requires fetching and reading public third‑party paper webpages (e.g., arXiv/paper URLs) and using that content to drive the explanation, so untrusted external content can influence behavior.