analyzing-research-papers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and resolves DOIs and arbitrary URLs (e.g., arXiv PDFs, journal websites, bioRxiv/medRxiv and direct HTML/PDF links) and instructs the agent to read and analyze those public third-party documents, exposing it to untrusted user-generated or external web content that could carry indirect prompt injection.