code-replication

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's Phase 1 "Paper Audit" explicitly instructs the agent to check and inspect external third‑party sources such as GitHub, project pages, and supplementary materials (public websites/repositories), which the agent would fetch and interpret as part of the replication workflow, exposing it to untrusted user-generated content that could influence subsequent actions.