mapbox-mcp-devkit-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and AGENTS.md explicitly show the MCP DevKit ingesting and acting on untrusted third-party content—e.g., validating and fixing "GeoJSON from a vendor" and reading user feedback via get_feedback_tool/list_feedback_tool through the hosted MCP server—so the assistant will read and use external, user-generated data as input to tools and actions.