mcp-security-scanner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Phase 2 Network Scan (mcp-scan network ) explicitly sends HTTP requests to arbitrary IPs/domains and ingests responses from user-specified/public network hosts, exposing the agent to untrusted third-party content from arbitrary URLs.