fumadocs-article-importer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md Step 2 and the Jina MCP integration docs) explicitly calls the Jina MCP read_url/parallel_read_url tools to fetch arbitrary public article URLs supplied by the user and then uses that fetched markdown to classify, translate, generate MDX, process images, and decide file writes—meaning untrusted third-party webpage content is ingested and can materially influence agent decisions and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires and calls the Jina MCP server at runtime (e.g., https://mcp.jina.ai/sse) — using the read_url/parallel_read_url tools to fetch arbitrary webpage markdown (and optionally the r.jina.ai fallback) which is injected into the agent's processing pipeline and therefore can directly control model input/output.