brave-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). search.js calls the Brave Search API to retrieve open-web results and (with --content) fetches and extracts the HTML of result URLs, and content.js likewise fetches arbitrary public URLs, so the agent ingests untrusted third-party web content that could contain instructions and influence its actions.