exa

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill automatically performs internet searches via the Exa API (see exa.js calling exa.search and SKILL.md stating "pi 会自动调用此技能进行搜索"), returning results from open/public web sources that the agent is expected to read and use—exposing it to untrusted third-party content that could contain instructive/malicious text.