academic-web-scraping

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly contains scraping and API code that fetches and parses arbitrary public web content (e.g., scrape_conference_proceedings(url), scrape_dynamic_page(url), and OpenAlex/PubMed API examples), so the agent would ingest untrusted, user-generated third‑party pages whose content could influence parsing and downstream actions.