brave-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill performs web/image/news searches against Brave's public API (e.g., web_search -> https://api.search.brave.com/res/v1/web/search in brave.py/cli.py) and formats/prints returned page snippets, URLs, and citations—i.e., it ingests and displays untrusted public web content as part of its workflow, enabling indirect prompt injection.