brave-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md shows the agent using the Brave Search API (brave_web_search, brave_news_search, etc.) to retrieve results from public websites and explicitly instructs extracting URLs and "Use Code Buddy to fetch and summarize" those pages, so untrusted third‑party content is fetched and can influence subsequent actions.