mcp-health-checker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill probes external servers listed in user MCP configs (e.g., URLs from ~/.openclaw/config/mcp.yaml are fetched by probe_http_server using urllib.request.urlopen, and stdio servers return JSON-RPC responses parsed by probe_stdio_server), ingesting untrusted third-party responses and using them to determine server status/tool availability which can change whether MCP tools are used.