airbnb-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's search_airbnb function (airbnb_search/search.py) fetches live listing data from Airbnb's public GraphQL endpoint (https://www.airbnb.com/api/v3/ExploreSearch) and AGENTS.md / SKILL.md advertise this as an agent-facing skill that parses user-generated listing content (titles, reviews, descriptions, URLs), which the agent consumes and could influence follow-up actions—so untrusted third-party content is clearly ingested as part of the workflow.