premiere-pro-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The Install Workflow explicitly instructs cloning and running code from the public GitHub repo https://github.com/hetpatel-11/Adobe_Premiere_Pro_MCP (git clone + npm run setup), meaning the agent fetches and executes untrusted, user-authored third-party content that can materially alter tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). I flagged https://github.com/hetpatel-11/Adobe_Premiere_Pro_MCP.git because the install workflow instructs cloning that repository at runtime and then running its code (npm scripts / node), meaning fetched remote code would be executed and is a required dependency.