gs-navigate-pages

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md explicitly navigates to and scrapes live Google Scholar search result pages (see "Navigate" and "Extract results (evaluate_script)"), i.e., open/public third-party content is fetched and parsed and those results are used to drive navigation and subsequent actions, exposing the agent to untrusted web content that could contain manipulative instructions.