unifuncs-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly performs real-time web searches via the UniFuncs Search API (POST to https://api.unifuncs.com/api/web-search/search) and ingests untrusted third-party content (response fields like data.webPages with snippets/summaries and URLs) as part of its required workflow, so those external pages could contain instructions that materially influence agent decisions.