bing-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md instructs the agent to navigate to https://www.bing.com using the Playwright MCP plugin and run scripts/extract-results.js to scrape titles, URLs, descriptions and other fields from live Bing search results (arbitrary public websites), so the agent ingests untrusted third-party content that can influence subsequent navigation and decisions.