best-practice-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's run.py calls tavily_search to perform web searches and returns web_results which are then fed into the generated "synthesis_prompt" for LLM synthesis, meaning it ingests and interprets arbitrary public web search results/URLs (untrusted third-party content) that could contain indirect prompt injections.