academic-research-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to use web_search and web_fetch to find and ingest content from open/public third-party sources (e.g., Google Scholar, arXiv, IEEE Xplore) which the agent will read and interpret as part of its workflow, exposing it to untrusted external content that could enable indirect prompt injection.