brave-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly exposes fetching and extracting content from arbitrary public web pages via the Brave Search API and the ./content.js URL fetch (e.g., "./content.js https://example.com/article" and "search.js --content"), so the agent will read untrusted, third‑party page content that could contain instructions influencing its actions.