observability-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (SKILL.md §10 and references/mcp-tools.md) explicitly instructs the agent to query external MCP servers (Datadog, Grafana/Prometheus, GitHub) and to read user-generated logs, traces, dashboards and commits as part of the core analysis loop, so untrusted third-party content can be ingested and influence decisions.