grok-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs real-time web research via a Grok endpoint (see README.md and SKILL.md) and scripts/grok_search.py (system prompt: "Use live web search/browsing when answering"), so the agent ingests untrusted public web content from third‑party sites which can materially influence its responses and tool use.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.70). The prompt explicitly tells the user to run PowerShell with "ExecutionPolicy Bypass", which is an instruction to bypass a security mechanism (though it does not request sudo, create users, or modify system-level files), so it poses a moderate-high risk.