conference-paper-writing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and referenced files (notably the "Citation Workflow" and references/citation-workflow.md) explicitly instruct the agent to query and fetch content from public web APIs and services (Exa MCP, Semantic Scholar, CrossRef/DOI resolution, arXiv) and to programmatically ingest and verify those third-party results as part of its citation and drafting workflow, meaning untrusted web content can directly influence tool actions and decisions.