smart-workflows

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs web fetching and scraping (agents/data-collector.md) and issues arbitrary HTTP requests from SQL (HTTP via SQL and the execute_workflow macro) and integrates third‑party MCP servers like context7.com, so it ingests and interprets untrusted, user- or web-provided content at runtime.