local-rag-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and README explicitly instruct the agent to perform web searches via the mcp-local-rag server against open backends (DuckDuckGo, Google, Bing, Wikipedia, etc.) and to fetch, cite, and synthesize the returned URLs and content, which are untrusted public third‑party sources the agent will read and interpret.