MCP Architecture Expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly describes exposing and reading third-party resources such as GitHub issues, Slack messages, Google Drive files, and web-scraped pages (e.g., "GitHub", "Slack", "Google Drive", and "Puppeteer
• Web scraping" in the "Common MCP Servers" section) which are untrusted/user-generated content that the agent is expected to read and interpret.