release-publishing-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The required workflow steps explicitly instruct checking and interpreting public third‑party sources (e.g., "Verify Deployment" using npm view @j0kz/..., visiting https://github.com/j0KZ/mcp-agents/releases, and monitoring GitHub issues/social media) so the agent would ingest untrusted, user‑generated web content that can change subsequent actions.