prompt-lookup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill calls the prompts.chat MCP server (via search_prompts and get_prompt) to retrieve and display public/user-created prompts and metadata, so the agent will fetch and read untrusted third-party content from prompts.chat.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill calls remote prompts.chat MCP tools (e.g., search_prompts / get_prompt / improve_prompt against prompts.chat) at runtime to fetch prompt text that is injected into and directly controls the agent's prompts, so prompts.chat (https://prompts.chat) is a required external dependency that can control agent behavior.