searching-web

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's scripts/web-search.sh explicitly runs the gemini CLI to perform web searches and return results/URLs from the open web, so the agent ingests untrusted, user-generated/public third-party content that directly informs its answers (INSTRUCTIONS.md and scripts/web-search.sh).