trip-planner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill performs WebSearch queries and optional WebFetch of public booking pages (e.g., constructed Skyscanner/Google Flights URLs and general web search results) and parses those pages for pricing and flight details, so it ingests untrusted third-party web content that could carry indirect prompt injections.