paper-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md Step 2 shows the agent explicitly fetching public arXiv content (e.g., curl to https://arxiv.org/abs/[PAPER_ID] and https://arxiv.org/pdf/[PAPER_ID]) and the required workflow then reads and analyzes that fetched paper content, so untrusted third‑party pages can influence analysis and subsequent actions.