exa-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (Step 3 "Execute Search" and commands like get-contents "URL1" "URL2" / find-similar "URL") explicitly fetches and extracts highlights/text/summaries from broad web sources (blogs, news, personal sites, arbitrary URLs), so untrusted third-party content is ingested and can influence follow-up actions and decisions.