whatsapp-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests user-generated third-party content via the WhatsApp MCP tools (e.g., get_chat_messages in SKILL.md and references/tools.md) to read chat history and group messages, which the agent is expected to interpret as part of its workflow and could therefore carry instructions that influence subsequent actions.