paper-to-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 1 explicitly fetches papers from arXiv (via https://arxiv.org/abs/) and arbitrary paper URLs via WebFetch, then ingests and interprets that third‑party content in Phase 2–4 to extract algorithms and drive automated skill generation, so externally‑hosted pages could inject instructions that alter downstream behavior.