github-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's get_file_contents tool fetches files from GitHub repositories (public, user-generated content) and SKILL.md explicitly instructs the agent to "use get_file_contents to understand the codebase before making changes," meaning untrusted third-party file contents can directly influence decisions and tool use.