web-search-tavily

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill calls Tavily's public search API (see the fetch to "https://api.tavily.com/search" in scripts/search.ts) and returns/exposes "content" and optional "raw_content" from arbitrary public web pages (news/sites/social media) which the agent is expected to read and use in its AI-generated answers, so it ingests untrusted third‑party content.