implement-paper
Warn
Audited by Snyk on Mar 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md Step 2 and references/fetching-papers.md) instructs the agent to fetch and read paper content from public sites (alphaxiv.org and arxiv.org), which the agent must interpret and use to decide notebook structure and code, exposing it to untrusted third‑party content that can influence actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill fetches paper content at runtime from alphaxiv.org (e.g., https://alphaxiv.org/overview/{PAPER_ID}.md and https://alphaxiv.org/abs/{PAPER_ID}.md) via curl and uses that markdown as the basis for the agent's notebook generation, meaning remote content is injected into the agent context and directly controls prompts/instructions.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).