open-access-mining-guide
Warn
Audited by Snyk on Apr 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's workflow and code explicitly fetch and parse open/public third-party content (e.g., fetch_pmc_fulltext calls NCBI E-utilities for PubMed Central XML, and the skill mentions CORE, arXiv, Europe PMC, and OpenAlex APIs/bulk downloads). The skill then reads and interprets that untrusted user-generated content as part of extraction and decision-making, which allows the content to influence downstream actions.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).