agentform

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill config declares an MCP GitHub server (server "github" using @modelcontextprotocol/server-github) and capabilities such as get_pr that read pull request content from GitHub—public, user-generated data the agent is expected to read and interpret as part of workflows.