server-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill exposes the agent to untrusted, user-generated content via the Nostr relays it connects to (e.g., relay lists in SKILL.md and assets/server-template.ts such as "wss://relay.contextvm.org", "wss://cvm.otherstuff.ai" and the public relays shown in the Public Server Announcements section like "wss://relay.damus.io" / "wss://nos.lol"), and the docs (references/gateway-pattern.md) explicitly describe using NostrMCPGateway to forward public Nostr traffic into an MCP server where tools/processors will read and act on client-provided messages.