unity-mcp-orchestrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly includes package management calls that fetch from public registries and URLs (see references/tools-reference.md and references/resources-reference.md: manage_packages examples, add_registry with "https://package.openupm.com", and support for git URLs), meaning the agent can ingest and act on untrusted third‑party content that can materially change tool behavior.