desearch-crawl

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and returns content from arbitrary public web pages — SKILL.md "Crawl Webpage By Desearch: Extract content from any webpage URL" and scripts/desearch.py (cmd_crawl -> /web/crawl using the user-supplied url) show the agent ingests untrusted third-party page content that could contain instructions influencing behavior.