openalex

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and ingests data from public third-party endpoints (OpenAlex API and external PDF URLs such as content.openalex.org and europepmc.org) as part of its required workflows (see SKILL.md "PDF Retrieval" and the scripts/openalex_download_pdf.sh and references/query-recipes.md), and those external responses (metadata and pdf_url) directly determine follow-up actions like downloading files and issuing further requests, creating a clear avenue for untrusted third-party content to influence agent behavior.