web-search-plus

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill clearly fetches and ingests untrusted public web content (e.g., Perplexity via Kilo that "reads pages and summarizes" and returns synthesized answers, You.com's "livecrawl" full-page content, and Tavily's "raw_content") as documented in SKILL.md/README.md and implemented in scripts/search.py, and that third‑party content is parsed and used to produce answers and guide routing/decisions.