exa

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill performs real-time web search and content extraction from arbitrary public URLs (e.g., scripts/exa.py search --text and scripts/exa.py contents --urls --livecrawl), so the agent will ingest untrusted third-party web content that could carry indirect prompt injections.