dspy-utils

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md "6. MCP integration" section shows the agent connecting to remote MCP servers (e.g., streamablehttp_client("http://localhost:8000/mcp") and ClientSession.list_tools) and converting/listing third‑party tools via dspy.Tool.from_mcp_tool, which causes the agent to ingest untrusted tool descriptions/behaviors from external HTTP servers that can materially influence its actions.