peer-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly requires "critiquing academic manuscripts" and the "Initial Reading" step implies ingesting and interpreting user- or third-party–provided manuscript text, which is untrusted content that could contain indirect prompt injection.