ddg-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md's "Search-then-Fetch Pattern" explicitly instructs the agent to use web_fetch on DuckDuckGo Lite results (https://lite.duckduckgo.com/lite/?q=...) and then "Fetch — use web_fetch on those URLs to read full content", meaning the agent will ingest and act on arbitrary public web pages (untrusted third-party content) that could contain instructions influencing behavior.