ollama-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill's SKILL.md "Рабочий процесс для агента" and the provided scripts (scripts/ollama-search.sh and scripts/ollama-fetch.sh) explicitly direct the agent to call Ollama Web Search/Web Fetch on arbitrary public URLs and ingest the returned page "content" (from references/api.md), meaning untrusted third-party web content is read and used to drive agent decisions and follow-up actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill makes runtime calls to https://ollama.com/api/web_fetch (and the related https://ollama.com/api/web_search) to fetch arbitrary page content which is injected into the agent/tool message context (i.e., used to form prompts/responses), so remote content can directly influence agent instructions and the skill depends on these endpoints.