build-mcp-server-sdk-v1

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflows and examples explicitly show servers fetching and ingesting external/untrusted content (e.g., Recipe 1's apiRequest using fetch(API_BASE) in references/examples/server-recipes.md and resource/prompt examples that read arbitrary resource URIs/fetchResourceContent in references/guides/resources-and-prompts.md), and those fetched results are returned as tool/prompts content that an LLM/client will read and can change subsequent tool use and decisions.