ft-build-christian-ai-guardrails

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). Yes — the skill's required workflow (references/guardrails.md) explicitly instructs the agent to retrieve verses and commentary in real time from public third‑party Bible APIs and MCP servers (e.g., "Bible APIs" table and "Always retrieve verses from the Bible API before quoting" system prompt), meaning the agent will ingest external, openly hosted content at runtime that can influence its output.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly directs runtime retrieval of Scripture to inject into the model context (RAG/MCP) and lists a hosted MCP endpoint that would be contacted at runtime — https://bible-mcp.faith.tools/mcp — meaning external content from that URL directly controls the agent's prompt context.