exa-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md and scripts show it calling Exa MCP web retrieval tools (web_search_exa, web_fetch_exa) via the MCP API (https://mcp.exa.ai/mcp) to fetch and read arbitrary webpages/URLs as markdown, meaning untrusted public/user-generated web content is ingested and used to drive agent outputs.