oma-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required execution protocol and SKILL.md explicitly dispatch a "web" route and use the runtime native search plus an "oma search fetch" escalation (api/probe/impersonate/browser) to fetch and ingest public web pages (examples and docs mention StackOverflow, Reddit, blogs and arbitrary URLs), so the agent will read untrusted, user-generated third‑party content that can affect routing, trust scoring, and subsequent actions.