web-search-advanced-financial-report

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill calls the web_search_advanced_exa tool to fetch and crawl public financial documents and websites (e.g., SEC filings on sec.gov, investor.apple.com and other public URLs) and explicitly instructs agents to merge, read, summarize and return those results, exposing the agent to untrusted third-party web content that could contain indirect prompt injection.