scientific-revision

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow and scripts explicitly query public APIs and sites—verify_crossref.py calls the CrossRef API and verify_scholar.py queries Semantic Scholar (and optionally Google Scholar via scholarly)—and the agent ingests and interprets those external, public search results to decide verification status and next actions, creating a clear channel for untrusted third‑party content to influence behavior.