setup-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md instructs adding a .mcp.json with an external "url" (e.g., "https:///mcp/" and the example github endpoint) so the agent will call and ingest content from arbitrary third‑party MCP servers, which could supply untrusted instructions that affect tool behavior.