deploy-searxng

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill config (config/settings.yml) explicitly enables external search engines (e.g., google, duckduckgo, github, stackoverflow, wikipedia, arxiv) and the procedure's "Test a search" curl shows SearXNG returns aggregated results from those public sites, so the deployed service will fetch and surface untrusted third‑party content that could influence downstream behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill pulls and runs Docker images at runtime (e.g., searxng/searxng:latest, nginx:1.27-alpine, certbot/certbot from Docker Hub), which are external artifacts fetched during runtime that execute remote code and are required for the deployment.