mcp-provider

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's discovery workflow (discover_mcp.py and SKILL.md) explicitly fetches and ingests MCP catalogs from approved_sources such as the public GitHub URL https://github.com/modelcontextprotocol/servers and also accepts arbitrary --source URLs, meaning it consumes public third‑party catalog content that can directly influence which tools and runtimes are attached and used.