entrig-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Workflow explicitly requires calling get_context and to "Use the returned schema, existing notification awareness, and reasoning instructions" from the Entrig MCP server (e.g., the public endpoint https://mcp.entrig.com/beta in references/setup.md), meaning the agent ingests third-party responses that can materially influence its actions.