brave-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to call the Brave Search API (e.g., https://api.search.brave.com/res/v1 in the "Basic Web Search", "News Search", and "Get Raw JSON Response" examples) to fetch public web/image/video/news results (untrusted, user-generated content) that the agent is expected to read/summarize and which could materially influence subsequent decisions or actions.