literature-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The scripts (scripts/literature_deep_review.py and scripts/pubmed_literature_search.py) explicitly fetch and download content from open public sources — e.g., PubMed/PMC (download_pmc_full_texts), ClinicalTrials.gov (search_clinical_trials/_fetch_single_trial), and Unpaywall (check_unpaywall) — and then parse and use those texts as inputs to the review pipeline (and a downstream Claude deep review), so arbitrary third‑party content can materially influence decisions and tool behavior.