postman-mcp-server

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly exposes the agent to public/untrusted content — e.g., the "search_public_apis" tool, generation from API specs/public Postman workspace link (https://www.postman.com/.../collection/681dc649440b35935978b8b7), and the "send_request" tool that calls arbitrary URLs — and the agent is expected to read/interpret those external API definitions/responses to generate code and drive actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly configures and invokes the remote MCP host (https://mcp.postman.com and related endpoints) at runtime (e.g., via "claude mcp add ... https://mcp.postman.com/minimal") to execute tools/collection runs and generate code, meaning external server responses control agent actions and can execute remote behavior.