flight-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's search_flights implementation (flight_search/search.py) calls fast_flights.get_flights with fetch_mode="common" and the README/cli state it "scrapes Google Flights"—i.e., it fetches and parses live, public Google Flights pages (third-party web content) and uses that content as part of its workflow, exposing the agent to untrusted external data.