fetch-arxiv-recent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses Atom feeds from the public export.arxiv.org API (see SKILL.md Steps 2–4 and the endpoint URL examples), reading titles/abstracts of user-submitted arXiv papers and using those texts to filter and drive returned records, so untrusted third-party content can influence downstream actions.