curl-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts (scripts/search.sh) and SKILL.md explicitly perform curl queries against public search engines (Baidu/Google/Bing/DuckDuckGo), scrape and return text from arbitrary web pages (public search results, docs, tutorials, GitHub, etc.), which are untrusted third‑party sources that the agent will read and that could contain instructions influencing subsequent actions.