conference-writing-adapter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and inspect public venue pages and exemplar papers (e.g., OpenReview pages, proceedings pages, official venue websites, and user-provided PDFs/links) as part of its required "Step 3
• Learn the Target Venue Taste" workflow, which means untrusted third‑party content (including user-generated OpenReview notes) will be read and used to drive rewrite decisions.