implement-paper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches paper content from the public site alphaxiv.org (see SKILL.md Step 2 and references/fetching-papers.md) and then reads/uses that third-party markdown to decide how to build the notebook, so untrusted external content could influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill fetches paper text at runtime from alphaxiv (e.g. https://alphaxiv.org/overview/{PAPER_ID}.md and https://alphaxiv.org/abs/{PAPER_ID}.md) and injects that external markdown into the agent workflow to drive how the notebook and prompts are constructed, so the fetched content can directly control agent instructions.