serpapi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's search() function in scripts/serp.py calls SerpAPI (https://serpapi.com/search.json) to fetch live web search results (Google, Yelp, Amazon, etc.) and format_results parses and acts on fields like organic_results, local_results, shopping_results, and knowledge_graph, meaning untrusted public/user-generated content is ingested and used in the agent's workflow.