paper-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory workflow (Step 2 Fetch Paper Content) explicitly downloads papers from public arXiv URLs (e.g., https://arxiv.org/abs/[PAPER_ID], https://arxiv.org/pdf/[PAPER_ID]) and Step 3 requires the agent to analyze that fetched, user-submitted third-party content, which could therefore carry instructions that materially influence analysis and downstream actions.