paper-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs the agent to resolve and fetch papers by URL/DOI/arXiv/PMID and to fetch full text/sections/figures from external paper MCP sources (see SKILL.md "Required flow" step 1 and references/paper-tools-and-prompts.md), meaning it ingests untrusted third-party web content that can influence downstream actions.