skill-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's scripts/search_catalog.py explicitly fetches search results and skill details from a public Agent Skills Catalog API (requests.get to "{api_url}/api/catalog/search" and "{api_url}/api/catalog/{vendor}/{skill}") and SKILL.md states it searches the public catalog, so untrusted, user-contributed catalog entries are ingested and used to drive the agent's outputs/choices.