paper-relevance-filter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly consumes paper records fetched from public sources (calls out bioRxiv, medRxiv, PubMed in Step 1) and requires reading/interpreting titles and abstracts (Axis 2) to make KEEP/REVIEW/DROP decisions, so untrusted, user-generated third‑party content can materially influence agent behavior.