research-lookup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime code (research_lookup.py and scripts/research_lookup.py) sends queries to Perplexity via OpenRouter (POST to https://openrouter.ai/api/v1/chat/completions) and to the Parallel Chat API (https://api.parallel.ai), extracts "search_results", snippets, DOIs and URLs from those third-party responses and includes them in generated reports and saved files in sources/, so it clearly ingests and acts on untrusted public web / academic search content.