exa-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill (see SKILL.md and scripts/exa_search.py) calls an external web-search API (search_exa / find_similar) and explicitly supports extracting full page "text" and "highlights" (research/docs commands and the --text/--highlights flags, with "research" defaulting to text extraction), so it ingests open/public third‑party web content which the agent is expected to read and could materially influence subsequent actions.