academic-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Search Strategy explicitly directs the agent to perform web searches and ingest content from public third‑party sites (e.g., site:semanticscholar.org, arxiv.org, philpapers.org, ncbi.nlm.nih.gov) and to follow citations, so the agent will fetch and read open web content that could contain indirect prompt injection.