audit-agentic-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md "Freshness checks" (and the npm commands shown in references/decision-trees/brainstorming-new-mcp.md) explicitly instruct the agent to fetch npm package metadata and official repo/release notes from public web sources, so the agent will ingest untrusted third‑party content (npm/GitHub/web pages) and use it to make framework/version routing and implementation decisions.