youdotcom-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests untrusted third-party web content via ydc search with "livecrawl":"web" and ydc contents from arbitrary URLs (see the SKILL.md examples and the "Safety rule" / "Handle Results Safely" sections), meaning the agent will read external user-generated or public web pages that could contain indirect prompt-injection content.