autoresearch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's mandatory Bootstrap workflow in SKILL.md directs the agent to search and ingest literature from public sources (e.g., Exa MCP / web_search_exa, Semantic Scholar, arXiv, CrossRef) and to read/interpret those results to form hypotheses and steer experiments, so untrusted third-party content can directly influence tool use and next actions.