searxng-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's scripts/search.py calls a SearXNG instance (configured via SEARXNG_URL, default http://localhost:8080) to retrieve JSON "results" from public web sources and categories (e.g., news, social media, general) which are returned and consumed by the agent as part of its workflow, exposing it to untrusted third‑party content that could contain actionable instructions.