mcp-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly configures and executes MCP servers and tools that fetch and interact with arbitrary public web content (e.g., server-brave-search, server-puppeteer, server-fetch, playwright_screenshot and the Gemini CLI examples in references/gemini-cli-integration.md and SKILL.md), and the agent is expected to read/interpret those pages as part of tool selection and execution, allowing third‑party page content to influence subsequent tool use.