gemini-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md and scripts/search.sh explicitly perform internet searches—scripts/search.sh runs the Gemini CLI (gemini -p "") to retrieve real-time external web results—so the agent will ingest and act on untrusted, public third‑party content that can influence its decisions.