langchain4j-mcp-server-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly supports HTTP MCP transports and MCP clients that call remote servers (e.g., HttpMcpTransport.Builder with sseUrl/http url and DefaultMcpClient.getResource/listResources) and includes examples integrating public GitHub data (GitHubToolProvider listing/get_issue), which means the agent can fetch and read untrusted, user-generated content from arbitrary third‑party MCP servers and APIs as part of its workflow.