web-search-plus

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill directly queries public third‑party search engines and can ingest arbitrary web content for agent use—e.g., Tavily can return full page/raw_content, You.com supports livecrawl (full page Markdown), Serper returns Google results, and SearXNG aggregates 70+ public engines—so the agent will read and act on untrusted, user‑generated/open web content returned by those providers.