maven-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to query live Maven Central data via the Maven Tools MCP server (and even falls back to WebSearch/WebFetch for official docs/release notes) so it fetches and interprets open, third‑party package metadata and web content as part of decision-making, which could carry indirect prompt-injection risk.