sd-export

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and scripts require navigating ScienceDirect search results pages and running evaluate_script to extract a page-specific security token and form data (and optionally download PDFs from pdfUrl using provided cookies), which clearly fetches and ingests content from public third-party pages that the agent must read and act on as part of its workflow (e.g., clicking Export/Turnstile, extracting "t" token, and using pdfUrl/cookies), so untrusted page content can influence subsequent actions.