agent-sdk-python

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly allows configuring external MCP servers (see SKILL.md and references/api-reference.md "External MCP Servers" / examples like mcp_servers with "sse" or "http" URLs such as "https://api.example.com/mcp"), which means the agent can call and ingest responses from arbitrary remote endpoints and use those tool results to drive decisions and actions.