web-search

Warn

Audited by Snyk on Mar 2, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill performs real-time searches and navigates to arbitrary public web pages via Google/Bing using a Playwright-controlled browser (see SKILL.md and scripts/search.sh). It exposes those untrusted third-party results and page content through the Bridge Server API endpoints (e.g., /api/search, /api/page/content, /api/page/text), which Claude is instructed to parse and synthesize into answers, so external user-generated webpages can materially influence agent behavior.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 2, 2026, 01:17 PM