web-search-fallback

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests public web search results (e.g., SKILL.md shows using Task(subagent_type='general-purpose', prompt='Research: ...') as a fallback and INTEGRATION.md shows calls to web_search_fallback.py with engines like duckduckgo and searx), so the agent will read and act on untrusted third-party web content that could contain indirect instructions.