duckduckgo-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Workflow: Search then Extract" and accompanying examples explicitly instruct using ddgs to retrieve DuckDuckGo search results (titles/hrefs/snippets) and then fetch full page content with web_extract/browser/curl from arbitrary third-party URLs, meaning the agent will read untrusted public web pages whose content could change its actions.