multi-search-engine

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and reference docs explicitly call web_fetch to retrieve live search results and webpages from public search engines (e.g., Google, DuckDuckGo, Brave, Startpage, WolframAlpha), so the agent ingests untrusted, user-generated web content as part of its workflow which could influence actions.