gemini-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly exposes web-fetch and web-search tools (see "Web fetch tool (web_fetch)" and "Web search tool (google_web_search)" in the Tools section) and the documentation itself includes pages fetched from https://geminicli.com/ (source: crawler), meaning the agent can fetch and read arbitrary public web pages/URLs and thus ingest untrusted third‑party content.