academic-research-suite

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's search & synthesis workflow explicitly instructs using public tools/services (see search-synthesis.md: "使用 Elicit, SciSpace, Perplexity 等") and the citation verification guidance references Semantic Scholar/CrossRef/arXiv (references/citation-verification.md), indicating the agent will fetch and read untrusted public papers/web content and use those findings to drive drafting and decision-making.