exa-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill calls the Exa API (search/contents/findsimilar/answer endpoints) to retrieve web pages, arbitrary URLs, and social/public content (e.g., news, tweets, GitHub) and the exa-fetcher sub-skill returns that third-party content as JSON for the agent to read and interpret, exposing it to untrusted user-generated web content.