tavily-web

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly says the skill performs web search, content extraction "from URLs", and "crawling websites" via the Tavily API, meaning the agent will fetch and read untrusted public web content that could contain instructions influencing its actions.