openalex-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the agent fetching and consuming open/public third‑party data from the OpenAlex API (e.g., client.search_works, client.get_entity('works', 'https://doi.org/...') and requests.get(work['cited_by_api_url'])) and uses those returned works/abstracts in analysis, so untrusted third‑party content could influence agent decisions.