serpapi-web-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly directs the agent to perform web searches via SerpApi (e.g., using engines like google_light, bing, youtube) which return organic_results/news_results that ingest and present open/public third-party webpages and user-generated content from the internet (see SKILL.md and rules/ENGINES.md), so the agent will read and act on untrusted third-party content at runtime.