deep-wiki

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill queries the DeepWiki MCP server (https://mcp.deepwiki.com/sse) to produce AI-generated documentation and answers for arbitrary public GitHub repositories (repoName), which means it ingests untrusted, user-generated content from public repos that the agent is expected to read and interpret.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's runtime creates an mcporter HTTP server proxy that connects to the external MCP endpoint https://mcp.deepwiki.com/sse to fetch AI-generated documentation/answers at runtime, and those responses are injected into the tool outputs used by the agent—so the remote content can directly influence agent prompts/behavior.