survey-generation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly retrieves and ingests papers from public third‑party sources (see SKILL.md "Step 1: Collect Papers — Search Semantic Scholar / arXiv" and scripts/search_semantic_scholar.py, plus the [PAPER LIST] used throughout the prompts), and those external papers are read and used to drive generation/decision steps, creating clear exposure to untrusted third‑party content that could enable indirect prompt injection.