brave-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly performs web searches via the Brave Search API and fetches/extracts page content from arbitrary URLs (see the "Search" --content flag and "Extract Page Content" ./content.js https://...), so the agent ingests untrusted public third‑party web content it will read and act on.