claude-agent-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes examples and tools that fetch and ingest external web content (e.g., templates/custom-mcp-server.ts calls fetch to https://api.weather.com, MCP HTTP/SSE server examples with url: "https://api.example.com/mcp", and the documented WebFetch/WebSearch tools), so the agent can read untrusted third‑party/web data as part of its workflow, enabling indirect prompt injection.