aminer-academic-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and parses data from the public AMiner APIs (base URL https://datacenter.aminer.cn/gateway/open_platform as shown in references/api-catalog.md and scripts/aminer_client.py), using returned scholar/paper/venue/patent records to select IDs and drive follow-up calls and decisions, so untrusted third-party content can materially influence tool behavior.