academic-research-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to use web_search and web_fetch to find and ingest content from open public sites (e.g., Google Scholar, arXiv, IEEE Xplore, PubMed, ACM Digital Library) and to read/interpret those third-party articles as part of its research workflow, which exposes it to untrusted public content that could carry indirect prompt injections.