baidu-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill performs live web searches via the Baidu AI Search API (see SKILL.md) and the runtime script scripts/search.py POSTs queries to https://qianfan.baidubce.com/v2/ai_search/web_search and ingests results["references"] (removing only "snippet"), meaning it fetches untrusted public web content that the agent will read and could influence subsequent actions.