integrate-web-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). The required workflow uses fetch_page(url) to retrieve and extract readable text from an arbitrary runtime-supplied URL (public web content), which is then fed into the agent’s LLM context as tool output—an outsider-authored free-text source.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill issues runtime web requests (e.g., DuckDuckGo HTML search at https://duckduckgo.com and arbitrary user-supplied page URLs fetched by fetch_page) and injects the returned page text into the agent's context, so remote content can directly control prompts (there is no evidence it executes remote code).