arxiv-doc-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's orchestrator and docs (SKILL.md and fetch_paper.py / references/arxiv-fetch.md) explicitly fetch papers from arXiv (e.g., https://arxiv.org/src/{ARXIV_ID} and https://arxiv.org/pdf/{ARXIV_ID}.pdf), process that user-submitted/public content into Markdown (convert_latex.py, pdf_converter_lib.py, convert_pdf_with_vision.py) and instruct the agent to read/interpret it, so untrusted third‑party content can directly influence subsequent processing and actions.