systematic-literature-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly retrieves and ingests public third‑party content (e.g., OpenAlex, Semantic Scholar, Crossref and web engines via scripts/openalex_search.py, multi_query_search.py and abstract_enrichment in config.yaml), and the AI is required to read/interpret those titles/abstracts per references/ai_scoring_prompt.md and SKILL.md to score/select papers and drive subsequent writing/selection/export actions, so untrusted web content can materially influence tool use and decisions.