institutional-repository-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly fetches public third‑party content (e.g., OpenDOAR via search_opendoar and repository OAI‑PMH endpoints via harvest_repository) and instructs the agent to ingest and act on those records for harvesting/deduplication, so untrusted repository content could materially influence tool decisions.