tavily-search-free

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls the Tavily Search API to fetch real-time public web results (see scripts/tavily_search.py and SKILL.md/README.md), returning fields like "content" and "raw_content" for LLM consumption, so untrusted third‑party webpages can be read and influence the agent's decisions.