huggingface-papers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and ingests public, user-submitted Hugging Face paper pages and arXiv content (e.g., "curl https://huggingface.co/papers/{PAPER_ID}.md" and the /api/papers endpoints in SKILL.md), which are untrusted third‑party sources that the agent reads and uses to summarize/analyze papers, so those pages could contain content that influences agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill runtime fetches paper content with curl from https://huggingface.co/papers/{PAPER_ID}.md (and related Hugging Face paper API endpoints) and injects that remote markdown/metadata into the agent context to drive summaries/analyses, so the fetched content directly controls the agent's prompts/outputs.