mcp-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill instructs the agent to use web-facing tools (e.g., mcp__exa__web_search_exa, mcp__jina__search_web and mcp__jina__read_url) to discover and extract content from public sites (including GitHub, Stack Overflow and arbitrary web pages), so the agent will fetch and interpret untrusted, user-generated third-party content as part of its workflow.