arxiv-to-md

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and converts arXiv papers (user-supplied arXiv IDs/URLs) as described in SKILL.md and README (sub_agent step "Fetch"), meaning it ingests untrusted third-party paper source content from arxiv.org which the agent reads and interprets during processing and could therefore enable indirect prompt injection.