mcp-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes production templates that fetch and ingest data from arbitrary external APIs (e.g., templates/authenticated-api.ts calls fetch(${CONFIG.apiBaseUrl}${endpoint}) using the API_BASE_URL environment variable and returns/uses the JSON responses in tool handlers), which is clear evidence the agent will read untrusted third‑party content as part of its workflow.