base-academic-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the skill calling the public BASE API (https://api.base-search.net/cgi-bin/BaseHttpSearchInterface.fcgi) and ingesting untrusted open-access document fields (titles, abstracts, urls) via the included Python usage, which the agent would read and use to drive results/decisions.