search
Warn
Audited by Snyk on Feb 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The scripts/search.sh builds a Google search URL and sends it to Bright Data's API (format "raw", data_format "parsed_light") then parses and outputs the .organic results (link, title, description), which exposes the agent to arbitrary public web content and user-generated pages that could carry indirect prompt injection.
Audit Metadata