byted-deepsearch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly calls the byted-web-search skill (runs python scripts/web_search.py "<query>") to fetch and append real-time web search results to the findings array, meaning the agent ingests untrusted public web content that the LLM then reads and uses to decide next searches and actions.