paper-interpretation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly fetches and ingests open web and user-provided paper content (e.g., "arxiv URL → WebFetch", "PDF → Read", "论文名称 → WebSearch" in the "执行 1. 获取内容" section), so the agent will read and act on untrusted third‑party material that could contain adversarial instructions.