search-paper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and scrapes public sites (arXiv, IACR ePrint, Semantic Scholar, DBLP, OpenAlex) — e.g., arxiv.py reads the author-supplied journal_ref, iacr.py _fetch_paper_page scrapes the ePrint page and "Publication info", and semantic_scholar.py consumes API metadata — all untrusted, user/author-generated content that the skill parses and uses to resolve venues and drive subsequent workflow decisions.