codebolt-mcp-access

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly enables browsing and retrieving arbitrary web pages (e.g., codebolt.browser's browser_navigate and browser_get_html/browser_get_markdown in references/browser.md and the crawler_go_to_page in references/crawler.md), so the agent will fetch and act on untrusted public web content which could contain indirect prompt-injection instructions.