zotero-arxiv-daily-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly states the plugin fetches and scores new arXiv submissions (titles, abstracts, PDFs) from arXiv.org (via the arXiv API) and presents/acts on that public, user-generated content (e.g., "New arXiv submissions are scored" and "Open the full paper on arXiv"/"Download the PDF directly to Zotero"), so untrusted third-party content is ingested and can influence recommendations and actions.