reaction-data-extraction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests arbitrary user-supplied PDFs (parsed via MinerU in run_mineru in scripts/reaction_data_extraction.py and documented in SKILL.md) and parses/acts on their untrusted textual/table content (extract_reactions_from_text, parse_reaction_table), so third‑party content can directly influence tool outputs and downstream actions.