yelp-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and reads user-generated Yelp review pages (see SKILL.md "Browser-Use for Reviews" and scripts/get_reviews.py which uses a browser-use Agent to "Go to Yelp.com... Find and read the reviews section" and scripts/scrape_reviews.py which scrapes Yelp pages), so untrusted third‑party content is ingested and parsed as part of the workflow and could influence agent behavior.