brightdata-local-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill runs the unfancy-search pipeline using Bright Data's SERP API and exposes a local endpoint (http://localhost:3000/api/search) that returns ranked public web URLs/results which the agent is explicitly instructed to parse and use to ground responses, so untrusted third-party page content can materially influence agent decisions and enable indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs cloning and running the repository https://github.com/yaronbeen/unfancy-search.git (git clone followed by docker compose / pnpm dev), which fetches and executes remote code that the skill depends on.