paper-analyze

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and parses public third‑party content (e.g., curl to https://arxiv.org/pdf/[PAPER_ID] and https://arxiv.org/abs/[PAPER_ID], plus WebFetch to arXiv and Hugging Face) and then reads and interprets that untrusted, user‑published content to drive domain inference, note generation, image insertion and graph updates, so external content can materially influence agent actions.