cursor-docs

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The mcp.json examples show remote MCP server URLs such as "https://api.example.com/mcp" which Cursor calls at runtime to run MCP tools and return Prompts/Tools (i.e., remote servers can supply prompt content and execute actions on the agent's behalf), so a configured remote MCP URL is a runtime external dependency that can directly control prompts or execute code.