tavily-web

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly describes web search, content extraction from URLs, and website crawling via the Tavily API, so the agent will fetch and ingest open/public third-party web content (web pages/URLs) that it reads and uses in workflows, exposing it to potential indirect prompt injection.