nextjs-chatbot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly includes web search tools and patterns that fetch and ingest content from public websites (see SKILL.md "Web search — provider-native, third-party SDK, or custom fetch patterns" and web-search.md's custom fetch example using fetch(${API_BASE}/search?...)), which means untrusted third‑party web content can be read and used by the agent as part of its workflow.