sn-search-academic

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and parses public third‑party content (e.g., arXiv HTML via scripts/arxiv_paper.py calling https://arxiv.org/html/, PMC via pmc_paper.py using NCBI eutils, Semantic Scholar and Wikipedia APIs) and SKILL.md explains workflows that have the agent read those texts to decide which sections/papers to fetch next, so untrusted external content can materially influence actions.