tool-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md's "Research Gate (Exa + arXiv — BOTH MANDATORY)" explicitly requires using Exa web searches (mcp__Exa__web_search_exa) and WebFetch to arXiv (e.g., WebFetch({ url: 'https://arxiv.org/search/...'})), so the skill mandates fetching and interpreting open/public third‑party web content that can influence follow-on actions.