google-web-search
Warn
Audited by Snyk on Feb 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill invokes Gemini's google_search grounding tool to perform real-time Google web searches (see scripts/example.py and README), so the agent ingests and interprets untrusted public web content (search results/web pages) as part of its workflow.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The skill uses Gemini's google_search grounding tool at runtime to fetch arbitrary external web pages (e.g., search results served via https://www.google.com/search). Their content is injected into the model as groundingChunks and can therefore directly influence prompts and outputs, which makes this external runtime fetching a risky dependency.
Audit Metadata