eval-harness-updater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Research Gate explicitly requires using Exa for web_search/get_code_context and even a direct WebFetch to arxiv.org (see "Research Gate (Exa + arXiv — BOTH MANDATORY)" and the WebFetch example), so the agent will fetch and interpret public web/arXiv content that can influence harness changes, exposing it to untrusted third-party instructions.