ieee-journal-browse

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.80). The prompt explicitly instructs the agent to always inject an initScript that masks navigator.webdriver (evading bot detection), which is a deceptive behavior-changing instruction outside the stated harmless browsing purpose.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill autonomously navigates to and scrapes public IEEE Xplore pages (e.g., {BASE_URL}/xpl/RecentIssue.jsp?punumber={PUNUMBER} and related xpl URLs) and ingests that third‑party page content into its workflow, which can influence subsequent navigation and outputs.