bgpt-paper-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill calls the remote BGPT MCP server (https://bgpt.pro/mcp) to fetch and return structured full‑text content (methods, results, conclusions) from third‑party scientific papers, which the agent is expected to read and use to drive literature-synthesis decisions, exposing it to untrusted external content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill connects at runtime to a remote MCP server (https://bgpt.pro/mcp/sse and https://bgpt.pro/mcp) which supplies tool definitions/instructions that directly control the agent's prompts/behavior, making it a required external runtime dependency.