searxng-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md step 3) and scripts/search.py explicitly fetch JSON search results from the configured SearXNG base_url (calling /search on that instance) and parse/display answers, infoboxes, results, suggestions, and corrections — i.e., it ingests untrusted public web content that the agent is expected to read and use to form responses.