web-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill (SKILL.md and scripts/web_search.py) explicitly performs searches and scrapes public websites (Baidu/DuckDuckGo/Bing via requests/Playwright and arbitrary URLs via crawl_page/AsyncWebCrawler) and returns/extracts page content in deep_search/crawl, meaning untrusted, user-generated third‑party content is ingested and can materially influence subsequent agent decisions.