analyzing-research-papers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Paper Access Methods" explicitly instructs ingesting content from DOIs and URLs (e.g., arXiv, journal websites, bioRxiv/medRxiv and resolving via https://doi.org/{doi}), and the workflow requires the agent to read and analyze those public third-party PDFs/HTMLs, so untrusted external content can directly influence its decisions and outputs.