byted-data-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly calls an external MCP Gateway (DEFAULT_MCP_GATEWAY_URL) to fetch data from public third‑party datasets and its SKILL.md plus scripts (scripts/describe_datasource.py, scripts/query_datasource.py, scripts/get_field_enums.py) require the agent to read and act on those returned values to construct filters and next queries, so untrusted third‑party content can materially influence behavior.