database-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly lists MCP Server Integration entries "Web Search" and "Firecrawl" (for database trends and documentation), which implies the agent will fetch and read open/public web content and documentation from third-party sources as part of its workflow, exposing it to untrusted user-generated or public content.