a2a-mcp-bridge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs fetching live docs and web-searching public sources (e.g., https://a2a-protocol.org/latest/specification/ and site:github.com / modelcontextprotocol.io searches), so the agent will ingest and act on open/public third-party content that could carry untrusted instructions.