agent-factory

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly recommends and auto-references MCP integrations (see "MCP Tool Integration" listing mcp__github, mcp__playwright, mcp__context7 and "Custom MCP servers") and instructs agents to read API documentation, PRs/issues, and web content, so agents can fetch and interpret untrusted public/user-generated content (e.g., GitHub repos, public docs, web pages), enabling indirect prompt injection.