serpapi-2

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's scripts (scripts/search.sh) call SerpAPI (https://serpapi.com/search.json) and scripts/format.py parses the returned organic/news/local search results from the open web, so untrusted third‑party content is fetched and directly consumed as part of the workflow and could influence agent decisions.