search-layer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests open web content via Brave web_search and the search.py script (which calls third‑party APIs Exa, Tavily, and Grok) as described in SKILL.md and scripts/search.py, and it parses those external results (URLs, snippets, dates) to score, deduplicate, and synthesize answers—meaning untrusted/user-generated web content can materially influence the agent's decisions and outputs.