azure-foundry-websearch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly performs real-time web searches using Azure AI Foundry's Responses API with "Grounding with Bing" (see SKILL.md "Web search returns real-time results from the public web") and the scripts (scripts/foundry-search-api.sh) parse and use the API's web_search_preview output and URL citations as part of the agent's answer, exposing it to untrusted public web content that can influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's scripts invoke the user-configured Azure AI Foundry endpoint (e.g. https://.services.ai.azure.com/openai/v1/responses) at runtime via curl to fetch model responses that directly determine the agent's output/instructions and are required for operation.