web-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md instructs the agent to run web searches via Gemini CLI (using tools like GoogleSearch/WebFetch and site-specific templates such as site:stackoverflow.com, site:medium.com, and site:github.com) and to process and act on the returned public web content, which clearly exposes the agent to untrusted, user-generated third‑party content that could carry indirect prompt injections.