agent-auth-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and interprets provider-hosted data (e.g., discover_provider with a URL, list_capabilities and describe_capability for provider URLs like "https://api.example.com") and requires the agent to read provider-supplied capability definitions/input schemas before executing actions, so untrusted third-party content could influence behavior.