exa-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Answer API and Deep Search explicitly fetch and ingest content from web search results and arbitrary URLs (see references/answer-api.md and references/deep-search.md where exa.answer and exa.search_and_contents return citation.url, citation.text, summaries, and full page text), so the agent will read untrusted third-party web content as part of its workflow.