alphaear-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill performs live web searches and content scraping from open public sources (scripts/search_tools.py uses Jina/DDG/Baidu and scripts/content_extractor.py fetches webpage content via the Jina reader), and those retrieved, untrusted third-party pages are then enriched and passed to the agent/LLM for sentiment analysis and interpretation (scripts/search_tools.py -> enrichment and scripts/sentiment_tools.py), creating a clear risk of indirect prompt injection.