serpapi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly scrapes live public content via SerpAPI (serpapi.com) from Google Flights, Google Hotels, and Google Travel Explore and then uses those third‑party search results and hotel/OTA/review data as part of the SKILL.md workflow to compare cash vs award pricing, so untrusted public content can directly influence agent decisions.