admin-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflows (SKILL.md and references/INSTALLATION.md) instruct installing and running public MCP servers via npx and git clone (e.g., NPX patterns, git clone https://github.com/org/mcp-server.git) and lists servers like server-fetch, puppeteer, and brave-search that pull arbitrary web or third‑party content which the agent would ingest and act on as part of its tool/workflow.