Asta Literature Reports

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and processes open/public academic content (paper-finder JSON results written to .asta/literature/find/ obtained via TaskOutput and background "asta literature find" searches, plus data fetched with "asta papers get"/"asta papers citations" and Semantic Scholar/ArXiv links), so the agent will read untrusted third-party text (paper snippets and citation contexts) that can materially influence its synthesis and tool use.