repository-harvesting-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md and example harvester code explicitly fetch and parse metadata from public OAI-PMH endpoints (e.g., requests.get(base_url, params=...) and listed endpoints like arXiv and PubMed Central), so untrusted third-party repository content (including resumptionTokens and metadata fields) is ingested and can drive subsequent requests and processing.