sci-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's main script (sci_search.py) and SKILL.md explicitly fetch and parse content from open third‑party sources (arXiv via export.arxiv.org, PubMed via NCBI eutils, and Web of Science via api.clarivate.com), ingesting titles/abstracts/metadata which the agent reads and uses to rank, highlight, cache, and produce follow-up outputs, so untrusted external text could indirectly influence behavior.