survey-director

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (IMPLEMENTATION_PLAN.md "检索策略" listing ArXiv, Semantic Scholar / Exa, Papers With Code and the Phase 2 handoff to the 文献侦查员 producing paper_analyses/ and literature_matrix.md) explicitly directs retrieval and analysis of public third‑party papers, so untrusted external content will be ingested and can influence subsequent decisions/actions.