native-web-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the model to "Search the internet" (SKILL.md and buildUserPrompt) and calls provider web-search tools in runCodexSearch (tools: [{ type: "web_search" }]) and runAnthropicSearch (tools: [{ type: "web_search_20250305" }]), which fetch and ingest open/public web content that can influence the model's outputs and actions.