paper-digest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts and summarizes arXiv papers (e.g., "Use when user provides arxiv paper(s)" and the example arXiv link https://arxiv.org/abs/...), which are open/public third‑party documents the agent would fetch/read and thus could contain untrusted/user-generated content that may carry indirect prompt-injection vectors.