uv-read-arxiv-paper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly downloads and ingests papers from the public arXiv website (see scripts/download_arxiv.py fetching https://arxiv.org/..., and the SKILL.md workflow that requires reading the paper in passes and using its content to drive report writing), so untrusted, user-submitted third-party content can be interpreted and materially influence the agent's outputs and actions.