web-search-brave

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly queries the Brave Search API (api.search.brave.com) in scripts/search.ts and SKILL.md to fetch web results, descriptions, and extra_snippets from arbitrary public websites, so untrusted third‑party content is ingested and presented for the agent to read and act on.