search1api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests public, user-provided web content (e.g., SKILL.md "When to use" and "Workflows" plus reference/api-parameters.md and reference/examples.md) via crawl/search/extract endpoints and scripts (scripts/crawl.sh, scripts/extract.sh, scripts/search.sh) so the agent reads and synthesizes untrusted third-party pages (search engines, Reddit/X/hackernews, arbitrary URLs), which could allow indirect prompt injection to influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill issues runtime POSTs to the external API at https://api.search1api.com (e.g. the /crawl endpoint) to fetch arbitrary user-supplied pages and inject their returned content into the agent workflow for summarization, which lets remote content directly control prompts and thus poses a high risk.