bdd-mathematical-verification

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill ingests and processes arbitrary user-supplied images and PDFs via the mathpix-gem (see MathematicalFormulaExtractor.extract_from_image and extract_from_document in lib/mathematical_formula_extractor.rb and the Cucumber steps that call them), parsing returned LaTeX/Markdown that the agent then reads and acts on—exposing it to untrusted, user-generated third-party content from the Mathpix service.