mcp-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill documents connecting Claude Code agents to external MCP endpoints (e.g., SSE/HTTP/ws URLs like https://mcp.asana.com/sse and https://api.example.com/mcp in SKILL.md and references/server-types.md) and explicitly describes agents using MCP tools autonomously to query and analyze returned data (references/tool-usage.md), which means the agent will fetch and interpret untrusted, user-generated third‑party content.