academic-research-mapper
Warn
Audited by Snyk on May 8, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly runs TinyFish browser agents to fetch and parse search results and abstract snippets from open/public sites (arXiv, Semantic Scholar, Google Scholar — see "Step 2 — Search all three sources in parallel" commands), causing the agent to ingest untrusted, user-published content and to use that content to deduplicate, cluster, and drive synthesis/decisions, which could enable indirect prompt injection.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).