academic-research-hub

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests content from public third-party sources (arXiv, PubMed, Semantic Scholar) — see SKILL.md and the search_* functions in scripts/research.py which retrieve abstracts, metadata, URLs and download PDFs — so untrusted, user-generated content is read and used to drive downloads and output formatting.