deep-learning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly performs web searches (WebSearch / Brave Search) and fetches/openly downloads content from public third‑party sources—e.g., arXiv PDF URLs, Semantic Scholar API, Papers With Code, arbitrary URLs via paper-downloader.py, and public blogs/forums like Medium/Reddit/GitHub—and the agent is expected to read and extract knowledge from those documents as part of its workflow, exposing it to untrusted user-generated content that could carry indirect prompt injections.