pm-export

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow fetches and parses open/public PubMed records via the NCBI eutils APIs (Step 1: esummary/efetch) and then may download full-text PDFs from publisher/third-party URLs derived from that metadata (scripts/push_to_zotero.py resolve_pdf_url/download_pdf), so it ingests untrusted public web content that is used to drive actions (metadata building, PDF downloads, and Zotero save operations).