mcp-inspector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly instructs the agent to fetch and interpret external MCP server data (e.g., "server probe --url ", "tools call --ui" which renders server-provided UI/tool output, and "resources read --resource-uri ui://..."), so it ingests untrusted third-party content that can materially influence triage, tool use, and security decisions.