webmcp-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Before writing code" section explicitly instructs fetching live docs via web-search (e.g., developer.chrome.com, site:github.com and other public sites) so the agent is expected to ingest and act on untrusted, user-visible third-party web content that could influence testing and tool-invocation behavior.