exa-web-search-free

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md and references/examples.md explicitly describe tools (web_search_exa, get_code_context_exa, company_research_exa, crawling_exa) that fetch and extract content from public sites (e.g., GitHub, StackOverflow, arbitrary URLs like "https://example.com/article" and "https://anthropic.com/...") and the agent is expected to read and act on those results as part of its workflow, exposing it to untrusted third‑party content that could contain instructions.