mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill includes a "Web Scraper Server" example (scrape_url) that uses axios/cheerio to fetch and return content from arbitrary URLs — and also a GitHub integration that reads public repos — so the agent would consume untrusted, user-generated open-web content that could enable indirect prompt injection.