mcp-brasil-server

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly fetches and ingests data from open public third‑party APIs (e.g., Portal da Transparência, TSE datasets including tse_redes_sociais, and Meta Ads via anuncios_eleitorais_buscar) and uses those responses as inputs to planning and tool execution (planejar_consulta, executar_lote), so untrusted or user‑generated content could materially influence the agent's decisions.