local-pois

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill requires calling Brave's web-search (with result_filter=locations) to obtain POI IDs and then retrieves POI details (including provider_url, reviews, thumbnails, and related web results) from public websites like Yelp, so the agent will ingest and interpret untrusted, user-generated third-party web content.