perplexity-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill calls Perplexity's public search endpoint (https://api.perplexity.ai/search) to retrieve real-time web answers and citation URLs and explicitly instructs integrating those API results into LLM prompts/workflows (e.g., "prepend API results to LLM prompts" and "merge results before final output"), which means untrusted third‑party web content can be read and materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). This skill calls https://api.perplexity.ai/search at runtime and explicitly recommends injecting the API's returned answers/citations into LLM prompts (e.g., "prepend API results to LLM prompts"), so fetched remote content can directly influence the agent's prompts and is a required runtime dependency.