build-mcp-server-sdk-v2

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required guides and examples (e.g., references/examples/server-recipes.md Recipe 1 fetching API_BASE_URL, references/guides/authentication.md using a remote JWKS_URL, and references/patterns/production-patterns.md showing dynamic tool registration via fetchApiEndpoints) explicitly show fetching and ingesting external HTTP endpoints and using that data to build/modify tools or make auth decisions, which exposes the agent to untrusted third‑party content that can influence runtime behavior.