Finding Open Access Papers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to call the Unpaywall API (https://api.unpaywall.org/v2/DOI) and then follow and download PDFs from returned third-party URLs (e.g., best_oa_location.url_for_pdf pointing to Europe PMC, arXiv, institutional repositories or publisher sites) as shown in the "Implementation Pattern" and Python helper, which means untrusted public content is fetched and can influence subsequent actions.