grok-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The grok-search skill explicitly instructs Grok to use server-side web_search and x_search tools via the xAI Responses API (see scripts/grok_search.mjs and SKILL.md) to fetch public web pages and X/Twitter content, parses that untrusted/user-generated content (snippets/citations) as part of its workflow, and uses it to generate structured outputs—exposing the agent to indirect prompt injection from third‑party content.