bing-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's main script (skill.py) performs live HTTP requests to https://cn.bing.com/search (requests.get) and scrapes/parses arbitrary public web search results (re.findall, extract_desc) which are untrusted third‑party contents that the tool reads and uses to generate and sort outputs (as described in SKILL.md), exposing it to potential indirect prompt injection.