brave-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill calls the Brave Search API and (per SKILL.md and search.js/content.js) fetches arbitrary public web pages via fetchPageContent (and content.js) to extract and return page content/markdown, so untrusted third‑party web content is ingested and presented as part of the agent workflow and could influence subsequent actions (enabling indirect prompt injection).