baidu-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill performs live web searches against Baidu's web_search and Baike endpoints (see scripts/baidu_search_manager.py using https://qianfan.baidubce.com/v2/ai_search/web_search and the baike/miaodong endpoints) and the command-line workflow (SKILL.md and scripts/search.py) consumes and acts on those returned titles/snippets/answers as part of its output generation, so untrusted public third‑party content can influence agent behavior.