academic-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the tool queries the public OpenAlex API and fetches open-access paper full text (e.g., the "deep read" and literature-review scripts) so the agent ingests and interprets untrusted third-party web content as part of its workflow, which could allow indirect prompt injection.