integrating-ai-web-apps

Warn

Audited by Snyk on Mar 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's MCP and agent workflows explicitly show the agent obtaining tools from MCP servers and executing/ingesting external HTTP content. For example, in references/MCP-INTEGRATION.md, app/api/chat/route.ts creates an MCP client and src/mcp-server.ts defines a server.tool that calls fetch("https://api.example.com/search?q=..."). The skill also references community MCP endpoints and WikipediaQueryRun, so untrusted public content is read/interpreted and can materially influence tool selection and subsequent agent actions.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 29, 2026, 11:13 PM
Issues: 1