mcp-developer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's reference examples (e.g., references/resources.md showing repo://{owner}/{repo}/issues with fetchGitHubIssues and references/tools.md showing an HTTP fetch_api tool that fetches an arbitrary args.url) explicitly describe fetching and returning content from public, user-generated third-party sources which the agent is expected to read and which could influence subsequent tool use or decisions.