funding-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md files (notably figshare-api/SKILL.md and zenodo-api/SKILL.md) and the API guides (nih-reporter-api-guide/SKILL.md, nsf-award-api-guide/SKILL.md) explicitly instruct querying public, user-submitted repositories and open APIs and parsing their returned records as part of the workflow, which exposes the agent to untrusted third-party content that could carry indirect prompt-injection.