mcp-integration-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and examples explicitly show MCP servers reading and ingesting external, potentially untrusted content (e.g., the "Resources" read_resource handlers and the "External API Integration" / APIIntegrationServer examples that call external endpoints like https://api.weather.com/current and https://api.example.com via httpx), and those resources/prompts are returned to the assistant as content or prompt messages that can influence subsequent tool calls and behavior.