desearch-ai-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill (SKILL.md and scripts/desearch.py) explicitly queries the Desearch API to fetch and aggregate public web and social media content (web, Reddit, Hacker News, YouTube, ArXiv, Wikipedia, X/Twitter) and returns API "completion" summaries and links, so untrusted, user-generated third‑party content is ingested and directly used to form the agent's responses.