prowlarr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill queries external public indexers and ingests their search results (see SKILL.md "Search operations query external indexers", the GET /search endpoint in references/api-endpoints.md, and cmd_search in scripts/prowlarr-api.sh), returning untrusted, user-generated fields like title, infoUrl and downloadUrl that the agent is expected to read/present and that can drive follow-up actions (downloads, enable/disable/sync), so third‑party content could indirectly influence agent behavior.