mcp-server-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md and references (references/setup-mcp-proxy.md and references/create-update-server.md) explicitly require using mcporter to list/review the tool schema and call at least one tool from the backend MCP server URL provided (e.g., arbitrary external MCP endpoints like Sentry/Notion/Asana), meaning the agent will fetch and interpret untrusted third-party tool schemas/responses which can materially influence subsequent tool use and decisions.