perplexity-4

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill sends the user-provided QUERY (and optional -s system prompt) to Perplexity’s chat/completions endpoint, and Perplexity returns web-grounded content/citations that the script prints into the agent context; this web content is outsider-authored (public web pages) and is ingested as readable text via the API response.