citation-verifier

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill performs WebFetch/WebSearch and API lookups against public sites (CrossRef, arXiv.org, pubmed.ncbi.nlm.nih.gov, openlibrary.org, and arbitrary academic URLs) and is expected to read and interpret those fetched third-party pages/metadata, exposing the agent to untrusted public content that could carry indirect prompt injections.