fetch-preprint-recent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly fetches public, third-party preprint content from the api.biorxiv.org/details/{server}/{from}/{to}/{cursor} endpoint (see "Step 2 — Page through the endpoint") and reads/filters title + abstract text ("Step 5 — Keyword-filter") which the agent uses to decide which records to return, so untrusted external text can influence downstream decisions.