biomedical-literature-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill programmatically fetches and ingests abstracts and metadata from public, user-authored sources (PubMed via NCBI E-utilities and bioRxiv via the bioRxiv API as shown in SKILL.md and examples/basic_example.py), which the agent reads and can use to drive its outputs and decisions, creating a clear vector for indirect prompt injection.