searxng

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly directs the agent to use a SearXNG instance with web_fetch/browser to retrieve search snippets and full pages from public sites (see "Method 1: web_fetch", the "Available Engines" list including Reddit/Stack Overflow/Google, and the fallback "use browser" flow), so the agent will ingest and act on untrusted third‑party web content.