crewai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill assigns researcher agents web-search tools (e.g., SerperDevTool, WebsiteSearchTool and the WebSearchTool implementation calling search_api.search(query) in references/patterns.md) and uses research flows that ingest those search results, so agents fetch and read content from public websites (untrusted third‑party content) as part of their workflow.