google-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and returns live Google search results via the pure.md proxy (see SKILL.md and scripts/search.mjs which request https://pure.md/https://www.google.com/search?q=...), exposing the agent to untrusted public web content that it is expected to read and use to ground responses.