web-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly performs live web searches and fetches/parses public third‑party content (see SKILL.md Steps 5–6 and providers.md referencing SerpAPI/Serper/Brave/SearXNG/etc.), downloading text snippets and original images for analysis and grounding, so untrusted web content could inject instructions that affect the agent's decisions and downstream grounded prompts.