exa

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and returns content from arbitrary public websites and social platforms (e.g., web_search_exa, web_search_advanced_exa, crawling_exa --url "...", and linkedin_search_exa), so the agent ingests untrusted third-party/user-generated content that could contain indirect prompt injections.