desearch-web-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's CLI and SKILL.md (scripts/desearch.py and SKILL.md) call the Desearch web API (DESEARCH_BASE https://api.desearch.ai, /web) to fetch real-time SERP entries and user-generated snippets/links (e.g., Reddit) which the agent ingests and returns as part of its normal workflow, so untrusted third-party content could contain instructions that influence behavior.