zenodo-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to fetch and parse public, user-contributed Zenodo records and files (e.g., the "records: Search and Retrieve Records" GET https://zenodo.org/api/records endpoint and the provided curl/Python examples that iterate over data["hits"]["hits"] and file links), which are open third-party content the agent would read and could materially influence subsequent behavior.