exa-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (Step 3: "python3 tools/exa_search.py search ...") explicitly performs broad web searches and content extraction from public sources (blogs, docs, news, URLs) and Step 4 requires the agent to read and present extracted text/highlights/summaries, so untrusted third‑party web content is ingested and can influence follow-up actions (e.g., fetching full text, finding similar pages, wiki ingest).