thegraph-mcp-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly probes and queries the public The Graph MCP SSE endpoint (https://subgraphs.mcp.thegraph.com/sse) and instructs the agent to discover/search subgraphs, fetch schemas, and execute GraphQL queries (see SKILL.md and references/usage-patterns.md), which means it ingests untrusted, user-generated third‑party content that can materially influence deployment selection and subsequent actions.